author | Daniel Gultsch <daniel@gultsch.de> | 2014-11-01 13:51:05 +0100 |
---|---|---|
committer | Daniel Gultsch <daniel@gultsch.de> | 2014-11-01 13:51:05 +0100 |
commit | a0f694ea44b9d68390846b48d720f9a37fd679b8 (patch) | |
tree | 38ee04006e38197fd8009697b8975007ec0f45c8 /libs | |
parent | 142384e5805d93887d185c9a5b74d4850e4ec719 (diff) | |
parent | 46f147a82c6b161e071f717c7686f8b78a20aaf1 (diff) |
Merge pull request #600 from SamWhited/gradle
Build system and library changes (Gradle / Subtree merging)
Diffstat (limited to 'libs')
107 files changed, 6649 insertions, 12 deletions
diff --git a/libs/MemorizingTrustManager b/libs/MemorizingTrustManager
deleted file mode 160000
-Subproject fad835037adc1bd313bb56b694426fca4eb6734
diff --git a/libs/MemorizingTrustManager/.gitignore b/libs/MemorizingTrustManager/.gitignore
new file mode 100644
index 00000000..c642de10
--- /dev/null
+++ b/libs/MemorizingTrustManager/.gitignore
@@ -0,0 +1,11 @@
+bin
+build
+gen
+local.properties
+example/bin
+example/gen
+tags
+.project
+.classpath
+.gradle
+.*.swp
diff --git a/libs/MemorizingTrustManager/AndroidManifest.xml b/libs/MemorizingTrustManager/AndroidManifest.xml
new file mode 100644
index 00000000..c125afe4
--- /dev/null
+++ b/libs/MemorizingTrustManager/AndroidManifest.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+ package="de.duenndns.ssl"
+ android:versionCode="1"
+ android:versionName="1.0">
+
+ <application android:label="MemorizingTrustManager">
+ <activity android:name="de.duenndns.ssl.MemorizingActivity"
+ android:theme="@android:style/Theme.Translucent.NoTitleBar" />
+ </application>
+</manifest>
diff --git a/libs/MemorizingTrustManager/LICENSE.txt b/libs/MemorizingTrustManager/LICENSE.txt
new file mode 100644
index 00000000..25012507
--- /dev/null
+++ b/libs/MemorizingTrustManager/LICENSE.txt
@@ -0,0 +1,21 @@
+The MIT license.
+
+Copyright (c) 2010 Georg Lukas <georg@op-co.de>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
diff --git a/libs/MemorizingTrustManager/README.mdwn b/libs/MemorizingTrustManager/README.mdwn
new file mode 100644
index 00000000..c48f38de
--- /dev/null
+++ b/libs/MemorizingTrustManager/README.mdwn
@@ -0,0 +1,125 @@ +# MemorizingTrustManager - Private Cloud Support for Your App + +MemorizingTrustManager (MTM) is a project to enable smarter and more secure use +of SSL on Android. If it encounters an unknown SSL certificate, it asks the +user whether to accept the certificate once, permanently or to abort the +connection. This is a step in preventing man-in-the-middle attacks by blindly +accepting any invalid, self-signed and/or expired certificates. + +MTM is aimed at providing seamless integration into your Android application, +and the source code is available under the MIT license. + +## Screenshots + +![MemorizingTrustManager dialog](mtm-screenshot.png) +![MemorizingTrustManager notification](mtm-notification.png) +![MemorizingTrustManager server name dialog](mtm-servername.png) + +## Status + +MemorizingTrustManager is in production use in the +[yaxim XMPP client](https://yaxim.org/). It is usable and easy to integrate, +though it does not yet support hostname validation (the Java API makes it +**hard** to integrate). + +## Integration + +MTM is easy to integrate into your own application. Follow these steps or have +a look into the demo application in the `example` directory. + +### 1. Add MTM to your project + +Download the MTM source from GitHub, or add it as a +[git submodule](http://git-scm.com/docs/git-submodule): + + # plain download: + git clone https://github.com/ge0rg/MemorizingTrustManager + # submodule: + git submodule add https://github.com/ge0rg/MemorizingTrustManager + +Then add a library project dependency to `default.properties`: + + android.library.reference.1=MemorizingTrustManager + +### 2. Add the MTM (popup) Activity to your manifest + +Edit your `AndroidManifest.xml` and add the MTM activity element right before the +end of your closing `</application>` tag. + + ... + <activity android:name="de.duenndns.ssl.MemorizingActivity" + android:theme="@android:style/Theme.Translucent.NoTitleBar" + /> + </application> + </manifest> + +### 3. 
Hook MTM as the default TrustManager for your connection type + +Hooking MemorizingTrustmanager in HTTPS connections: + + // register MemorizingTrustManager for HTTPS + SSLContext sc = SSLContext.getInstance("TLS"); + MemorizingTrustManager mtm = new MemorizingTrustManager(this); + sc.init(null, new X509TrustManager[] { mtm }, new java.security.SecureRandom()); + HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); + HttpsURLConnection.setDefaultHostnameVerifier( + mtm.wrapHostnameVerifier(HttpsURLConnection.getDefaultHostnameVerifier())); + + +Or, for aSmack you can use `setCustomSSLContext()`: + + org.jivesoftware.smack.ConnectionConfiguration connectionConfiguration = … + SSLContext sc = SSLContext.getInstance("TLS"); + MemorizingTrustManager mtm = new MemorizingTrustManager(this); + sc.init(null, new X509TrustManager[] { mtm }, new java.security.SecureRandom()); + connectionConfiguration.setCustomSSLContext(sc); + connectionConfiguration.setHostnameVerifier( + mtm.wrapHostnameVerifier(new org.apache.http.conn.ssl.StrictHostnameVerifier())); + +By default, MTM falls back to the system `TrustManager` before asking the user. +If you do not trust the establishment, you can enforce a dialog on *every new +connection* by supplying a `defaultTrustManager = null` parameter to the +constructor: + + MemorizingTrustManager mtm = new MemorizingTrustManager(this, null); + +If you want to use a different underlying `TrustManager`, like +[AndroidPinning](https://github.com/moxie0/AndroidPinning), just supply that to +MTM's constructor: + + X509TrustManager pinning = new PinningTrustManager(SystemKeyStore.getInstance(), + new String[] {"f30012bbc18c231ac1a44b788e410ce754182513"}, 0); + MemorizingTrustManager mtm = new MemorizingTrustManager(this, pinning); + +### 4. Profit! + +### Logging + +MTM uses java.util.logging (JUL) for logging purposes. 
If you have not +configured a Handler for JUL, then Android will by default log all +messages of Level.INFO or higher. In order to get also the debug log +messages (those with Level.FINE or lower) you need to configure a +Handler accordingly. The MTM example project contains +de.duenndns.mtmexample.JULHandler, which allows to enable and disable +debug logging at runtime. + +## Alternatives + +MemorizingTrustManager is not the only one out there. + +[**NetCipher**](https://guardianproject.info/code/netcipher/) is an Android +library made by the [Guardian Project](https://guardianproject.info/) to +improve network security for mobile apps. It comes with a StrongTrustManager +to do more thorough certificate checks, an independent Root CA store, and code +to easily route your traffic through +[the Tor network](https://www.torproject.org/) using [Orbot](https://guardianproject.info/apps/orbot/). + +[**AndroidPinning**](https://github.com/moxie0/AndroidPinning) is another Android +library, written by [Moxie Marlinspike](http://www.thoughtcrime.org/) to allow +pinning of server certificates, improving security against government-scale +MitM attacks. Use this if your app is made to communicate with a specific +server! + +## Contribute + +Please [help translating MTM into more languages](https://translations.launchpad.net/yaxim/master/+pots/mtm/)! diff --git a/libs/MemorizingTrustManager/ant.properties b/libs/MemorizingTrustManager/ant.properties new file mode 100644 index 00000000..ee52d86d --- /dev/null +++ b/libs/MemorizingTrustManager/ant.properties 
@@ -0,0 +1,17 @@
+# This file is used to override default values used by the Ant build system.
+#
+# This file must be checked in Version Control Systems, as it is
+# integral to the build system of your project.
+
+# This file is only used by the Ant script.
+
+# You can use this to override default values such as
+# 'source.dir' for the location of your java source folder and
+# 'out.dir' for the location of your output folder.
+
+# You can also use it define how the release builds are signed by declaring
+# the following properties:
+# 'key.store' for the location of your keystore and
+# 'key.alias' for the name of the key to use.
+# The password will be asked during the build when you use the 'release' target.
+
diff --git a/libs/MemorizingTrustManager/build.gradle b/libs/MemorizingTrustManager/build.gradle
new file mode 100644
index 00000000..aa022a93
--- /dev/null
+++ b/libs/MemorizingTrustManager/build.gradle
@@ -0,0 +1,32 @@
+buildscript {
+ repositories {
+ mavenCentral()
+ }
+ dependencies {
+ classpath 'com.android.tools.build:gradle:0.7.+'
+ }
+}
+
+apply plugin: 'android-library'
+
+android {
+ compileSdkVersion 19
+ buildToolsVersion "19.1"
+ defaultConfig {
+ minSdkVersion 7
+ targetSdkVersion 19
+ }
+
+ sourceSets {
+ main {
+ manifest.srcFile 'AndroidManifest.xml'
+ java.srcDirs = ['src']
+ resources.srcDirs = ['src']
+ aidl.srcDirs = ['src']
+ renderscript.srcDirs = ['src']
+ res.srcDirs = ['res']
+ assets.srcDirs = ['assets']
+ }
+ }
+
+}
diff --git a/libs/MemorizingTrustManager/build.xml b/libs/MemorizingTrustManager/build.xml
new file mode 100644
index 00000000..06cf485c
--- /dev/null
+++ b/libs/MemorizingTrustManager/build.xml
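Review bot: The buildscript classpath in `libs/MemorizingTrustManager/build.gradle` uses the dynamic version `com.android.tools.build:gradle:0.7.+`, so each build resolves whichever 0.7.x plugin the repository serves at that moment, and that plugin code executes inside the build (and, for release builds, the signing) environment. Pin an exact, reviewed release instead, e.g. `classpath 'com.android.tools.build:gradle:<PINNED_VERSION>'` (placeholder for the version you actually verified), so any toolchain change shows up as a reviewable diff and builds stay reproducible. Because the library is now merged in-tree under `libs/`, it may also be cleaner to drop this nested `buildscript` block and let the top-level build supply the plugin, assuming a top-level build file exists outside this diffstat.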
@@ -0,0 +1,92 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project name="MemorizingTrustManager" default="help"> + + <!-- The local.properties file is created and updated by the 'android' tool. + It contains the path to the SDK. It should *NOT* be checked into + Version Control Systems. --> + <property file="local.properties" /> + + <!-- The ant.properties file can be created by you. It is only edited by the + 'android' tool to add properties to it. + This is the place to change some Ant specific build properties. + Here are some properties you may want to change/update: + + source.dir + The name of the source directory. Default is 'src'. + out.dir + The name of the output directory. Default is 'bin'. + + For other overridable properties, look at the beginning of the rules + files in the SDK, at tools/ant/build.xml + + Properties related to the SDK location or the project target should + be updated using the 'android' tool with the 'update' action. + + This file is an integral part of the build system for your + application and should be checked into Version Control Systems. + + --> + <property file="ant.properties" /> + + <!-- if sdk.dir was not set from one of the property file, then + get it from the ANDROID_HOME env var. + This must be done before we load project.properties since + the proguard config can use sdk.dir --> + <property environment="env" /> + <condition property="sdk.dir" value="${env.ANDROID_HOME}"> + <isset property="env.ANDROID_HOME" /> + </condition> + + <!-- The project.properties file is created and updated by the 'android' + tool, as well as ADT. + + This contains project specific properties such as project target, and library + dependencies. Lower level build properties are stored in ant.properties + (or in .classpath for Eclipse projects). + + This file is an integral part of the build system for your + application and should be checked into Version Control Systems. 
--> + <loadproperties srcFile="project.properties" /> + + <!-- quick check on sdk.dir --> + <fail + message="sdk.dir is missing. Make sure to generate local.properties using 'android update project' or to inject it through the ANDROID_HOME environment variable." + unless="sdk.dir" + /> + + <!-- + Import per project custom build rules if present at the root of the project. + This is the place to put custom intermediary targets such as: + -pre-build + -pre-compile + -post-compile (This is typically used for code obfuscation. + Compiled code location: ${out.classes.absolute.dir} + If this is not done in place, override ${out.dex.input.absolute.dir}) + -post-package + -post-build + -pre-clean + --> + <import file="custom_rules.xml" optional="true" /> + + <!-- Import the actual build file. + + To customize existing targets, there are two options: + - Customize only one target: + - copy/paste the target into this file, *before* the + <import> task. + - customize it to your needs. + - Customize the whole content of build.xml + - copy/paste the content of the rules files (minus the top node) + into this file, replacing the <import> task. + - customize to your needs. + + *********************** + ****** IMPORTANT ****** + *********************** + In all cases you must update the value of version-tag below to read 'custom' instead of an integer, + in order to avoid having your file be overridden by tools such as "android update project" + --> + <!-- version-tag: 1 --> + <import file="${sdk.dir}/tools/ant/build.xml" /> + +</project> diff --git a/libs/MemorizingTrustManager/example/AndroidManifest.xml b/libs/MemorizingTrustManager/example/AndroidManifest.xml new file mode 100644 index 00000000..cdc0450b --- /dev/null +++ b/libs/MemorizingTrustManager/example/AndroidManifest.xml 
@@ -0,0 +1,29 @@ +<?xml version="1.0" encoding="utf-8"?> +<manifest xmlns:android="http://schemas.android.com/apk/res/android" + package="de.duenndns.mtmexample" + android:versionCode="1" + android:versionName="1.0"> + + <uses-sdk + android:minSdkVersion="3" + android:targetSdkVersion="19" /> + + <uses-permission android:name="android.permission.INTERNET" /> + + <application android:label="@string/app_name" android:icon="@android:drawable/ic_lock_lock"> + <activity + android:name=".MTMExample" + android:configChanges="keyboardHidden|orientation|screenSize|screenLayout" + android:label="@string/app_name" > + + <intent-filter> + <action android:name="android.intent.action.MAIN" /> + <category android:name="android.intent.category.LAUNCHER" /> + </intent-filter> + </activity> + + <!-- ADD THE FOLLOWING TO YOUR MANIFEST: --> + <activity android:name="de.duenndns.ssl.MemorizingActivity" + android:theme="@android:style/Theme.Translucent.NoTitleBar" /> + </application> +</manifest> diff --git a/libs/MemorizingTrustManager/example/ant.properties b/libs/MemorizingTrustManager/example/ant.properties new file mode 100644 index 00000000..27fcaadd --- /dev/null +++ b/libs/MemorizingTrustManager/example/ant.properties @@ -0,0 +1,18 @@ +# This file is used to override default values used by the Ant build system. +# +# This file must be checked in Version Control Systems, as it is +# integral to the build system of your project. + +# This file is only used by the Ant script. + +# You can use this to override default values such as +# 'source.dir' for the location of your java source folder and +# 'out.dir' for the location of your output folder. + +# You can also use it define how the release builds are signed by declaring +# the following properties: +# 'key.store' for the location of your keystore and +# 'key.alias' for the name of the key to use. +# The password will be asked during the build when you use the 'release' target. + +application.package=de.duenndns.mtmexample 
diff --git a/libs/MemorizingTrustManager/example/build.gradle b/libs/MemorizingTrustManager/example/build.gradle
new file mode 100644
index 00000000..00bfe99e
--- /dev/null
+++ b/libs/MemorizingTrustManager/example/build.gradle
@@ -0,0 +1,23 @@
+apply plugin: 'android'
+
+dependencies {
+ compile rootProject
+}
+
+android {
+ compileSdkVersion 19
+ buildToolsVersion "19.1"
+ defaultConfig {
+ minSdkVersion 7
+ targetSdkVersion 19
+ }
+
+ sourceSets {
+ main {
+ manifest.srcFile 'AndroidManifest.xml'
+ java.srcDirs = ['src']
+ res.srcDirs = ['res']
+ }
+ }
+
+}
diff --git a/libs/MemorizingTrustManager/example/build.xml b/libs/MemorizingTrustManager/example/build.xml
new file mode 100644
index 00000000..cdc74917
--- /dev/null
+++ b/libs/MemorizingTrustManager/example/build.xml
@@ -0,0 +1,92 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project name="MTMExample" default="help"> + + <!-- The local.properties file is created and updated by the 'android' tool. + It contains the path to the SDK. It should *NOT* be checked into + Version Control Systems. --> + <property file="local.properties" /> + + <!-- The ant.properties file can be created by you. It is only edited by the + 'android' tool to add properties to it. + This is the place to change some Ant specific build properties. + Here are some properties you may want to change/update: + + source.dir + The name of the source directory. Default is 'src'. + out.dir + The name of the output directory. Default is 'bin'. + + For other overridable properties, look at the beginning of the rules + files in the SDK, at tools/ant/build.xml + + Properties related to the SDK location or the project target should + be updated using the 'android' tool with the 'update' action. + + This file is an integral part of the build system for your + application and should be checked into Version Control Systems. + + --> + <property file="ant.properties" /> + + <!-- if sdk.dir was not set from one of the property file, then + get it from the ANDROID_HOME env var. + This must be done before we load project.properties since + the proguard config can use sdk.dir --> + <property environment="env" /> + <condition property="sdk.dir" value="${env.ANDROID_HOME}"> + <isset property="env.ANDROID_HOME" /> + </condition> + + <!-- The project.properties file is created and updated by the 'android' + tool, as well as ADT. + + This contains project specific properties such as project target, and library + dependencies. Lower level build properties are stored in ant.properties + (or in .classpath for Eclipse projects). + + This file is an integral part of the build system for your + application and should be checked into Version Control Systems. 
--> + <loadproperties srcFile="project.properties" /> + + <!-- quick check on sdk.dir --> + <fail + message="sdk.dir is missing. Make sure to generate local.properties using 'android update project' or to inject it through the ANDROID_HOME environment variable." + unless="sdk.dir" + /> + + <!-- + Import per project custom build rules if present at the root of the project. + This is the place to put custom intermediary targets such as: + -pre-build + -pre-compile + -post-compile (This is typically used for code obfuscation. + Compiled code location: ${out.classes.absolute.dir} + If this is not done in place, override ${out.dex.input.absolute.dir}) + -post-package + -post-build + -pre-clean + --> + <import file="custom_rules.xml" optional="true" /> + + <!-- Import the actual build file. + + To customize existing targets, there are two options: + - Customize only one target: + - copy/paste the target into this file, *before* the + <import> task. + - customize it to your needs. + - Customize the whole content of build.xml + - copy/paste the content of the rules files (minus the top node) + into this file, replacing the <import> task. + - customize to your needs. + + *********************** + ****** IMPORTANT ****** + *********************** + In all cases you must update the value of version-tag below to read 'custom' instead of an integer, + in order to avoid having your file be overridden by tools such as "android update project" + --> + <!-- version-tag: 1 --> + <import file="${sdk.dir}/tools/ant/build.xml" /> + +</project> diff --git a/libs/MemorizingTrustManager/example/proguard-project.txt b/libs/MemorizingTrustManager/example/proguard-project.txt new file mode 100644 index 00000000..f2fe1559 --- /dev/null +++ b/libs/MemorizingTrustManager/example/proguard-project.txt 
@@ -0,0 +1,20 @@ +# To enable ProGuard in your project, edit project.properties +# to define the proguard.config property as described in that file. +# +# Add project specific ProGuard rules here. +# By default, the flags in this file are appended to flags specified +# in ${sdk.dir}/tools/proguard/proguard-android.txt +# You can edit the include path and order by changing the ProGuard +# include property in project.properties. +# +# For more details, see +# http://developer.android.com/guide/developing/tools/proguard.html + +# Add any project specific keep options here: + +# If your project uses WebView with JS, uncomment the following +# and specify the fully qualified class name to the JavaScript interface +# class: +#-keepclassmembers class fqcn.of.javascript.interface.for.webview { +# public *; +#} diff --git a/libs/MemorizingTrustManager/example/project.properties b/libs/MemorizingTrustManager/example/project.properties new file mode 100644 index 00000000..3692949f --- /dev/null +++ b/libs/MemorizingTrustManager/example/project.properties @@ -0,0 +1,12 @@ +# This file is automatically generated by Android Tools. +# Do not modify this file -- YOUR CHANGES WILL BE ERASED! +# +# This file must be checked in Version Control Systems. +# +# To customize properties used by the Ant build system use, +# "ant.properties", and override values to adapt the script to your +# project structure. + +android.library.reference.1=../ +# Project target. +target=android-19 diff --git a/libs/MemorizingTrustManager/example/res/layout/mtmexample.xml b/libs/MemorizingTrustManager/example/res/layout/mtmexample.xml new file mode 100644 index 00000000..dfef58b6 --- /dev/null +++ b/libs/MemorizingTrustManager/example/res/layout/mtmexample.xml 
@@ -0,0 +1,36 @@ +<?xml version="1.0" encoding="utf-8"?> +<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" + android:orientation="vertical" + android:layout_width="fill_parent" + android:layout_height="fill_parent" > + <EditText + android:id="@+id/url" + android:layout_width="fill_parent" + android:layout_height="wrap_content" + android:hint="HTTPS address" + android:text="https://op-co.de/mtm/" + android:singleLine="true" + /> + <Button + android:id="@+id/connect" + android:layout_width="fill_parent" + android:layout_height="wrap_content" + android:text="Connect" + /> + <TextView + android:id="@+id/content" + android:layout_width="fill_parent" + android:layout_height="wrap_content" + android:layout_weight="1" + android:text="Please enter a HTTPS URL and press 'Connect'!" + android:textSize="11pt" + /> + <Button + android:id="@+id/manage" + android:layout_width="fill_parent" + android:layout_height="wrap_content" + android:text="Clean up Certificates" + android:onClick="onManage" + /> +</LinearLayout> + diff --git a/libs/MemorizingTrustManager/example/res/values/strings.xml b/libs/MemorizingTrustManager/example/res/values/strings.xml new file mode 100644 index 00000000..e4f505bc --- /dev/null +++ b/libs/MemorizingTrustManager/example/res/values/strings.xml @@ -0,0 +1,4 @@ +<?xml version="1.0" encoding="utf-8"?> +<resources> + <string name="app_name">MemorizingTrustManager Example</string> +</resources> diff --git a/libs/MemorizingTrustManager/example/src/de/duenndns/mtmexample/JULHandler.java b/libs/MemorizingTrustManager/example/src/de/duenndns/mtmexample/JULHandler.java new file mode 100644 index 00000000..40f71f58 --- /dev/null +++ b/libs/MemorizingTrustManager/example/src/de/duenndns/mtmexample/JULHandler.java 
@@ -0,0 +1,169 @@ +package de.duenndns.mtmexample; + +import java.io.IOException; +import java.io.InputStream; +import java.io.PrintWriter; +import java.io.StringBufferInputStream; +import java.io.StringWriter; +import java.util.logging.Formatter; +import java.util.logging.Handler; +import java.util.logging.Level; +import java.util.logging.LogManager; +import java.util.logging.LogRecord; +import java.util.logging.Logger; + +import android.util.Log; + +/** + * A <code>java.util.logging</code> (JUL) Handler for Android. + * <p> + * If you want fine-grained control over MTM's logging, you can copy this + * class to your code base and call the static {@link #initialize()} method. + * </p> + * <p> + * This JUL Handler passes log messages sent to JUL to the Android log, while + * keeping the format and stack traces of optionally supplied Exceptions. It + * further allows to install a {@link DebugLogSettings} class via + * {@link #setDebugLogSettings(DebugLogSettings)} that determines whether JUL log messages of + * level {@link java.util.logging.Level#FINE} or lower are logged. This gives + * the application developer more control over the logged messages, while + * allowing a library developer to place debug log messages without risking to + * spam the Android log. + * </p> + * <p> + * If there are no {@code DebugLogSettings} configured, then all messages sent + * to JUL will be logged. + * </p> + * + * @author Florian Schmaus + * + */ +@SuppressWarnings("deprecation") +public class JULHandler extends Handler { + + /** Implement this interface to toggle debug logging. + */ + public interface DebugLogSettings { + public boolean isDebugLogEnabled(); + } + + private static final String CLASS_NAME = JULHandler.class.getName(); + + /** + * The global LogManager configuration. + * <p> + * This configures: + * <ul> + * <li> JULHandler as the default handler for all log messages + * <li> A default log level FINEST (300). 
Meaning that log messages of a level 300 or higher a + * logged + * </ul> + * </p> + */ + private static final InputStream LOG_MANAGER_CONFIG = new StringBufferInputStream( +// @formatter:off +"handlers = " + CLASS_NAME + '\n' + +".level = FINEST" +); +// @formatter:on + + // Constants for Android vs. JUL debug level comparisons + private static final int FINE_INT = Level.FINE.intValue(); + private static final int INFO_INT = Level.INFO.intValue(); + private static final int WARN_INT = Level.WARNING.intValue(); + private static final int SEVE_INT = Level.SEVERE.intValue(); + + private static final Logger LOGGER = Logger.getLogger(CLASS_NAME); + + /** A formatter that creates output similar to Android's Log.x. */ + private static final Formatter FORMATTER = new Formatter() { + @Override + public String format(LogRecord logRecord) { + Throwable thrown = logRecord.getThrown(); + if (thrown != null) { + StringWriter sw = new StringWriter(); + PrintWriter pw = new PrintWriter(sw, false); + pw.write(logRecord.getMessage() + ' '); + thrown.printStackTrace(pw); + pw.flush(); + return sw.toString(); + } else { + return logRecord.getMessage(); + } + } + }; + + private static DebugLogSettings sDebugLogSettings; + private static boolean initialized = false; + + public static void initialize() { + try { + LogManager.getLogManager().readConfiguration(LOG_MANAGER_CONFIG); + initialized = true; + } catch (IOException e) { + Log.e("JULHandler", "Can not initialize configuration", e); + } + if (initialized) LOGGER.info("Initialzied java.util.logging logger"); + } + + public static void setDebugLogSettings(DebugLogSettings debugLogSettings) { + if (!isInitialized()) initialize(); + sDebugLogSettings = debugLogSettings; + } + + public static boolean isInitialized() { + return initialized; + } + + public JULHandler() { + setFormatter(FORMATTER); + } + + @Override + public void close() {} + + @Override + public void flush() {} + + @Override + public boolean isLoggable(LogRecord record) 
{ + final boolean debugLog = sDebugLogSettings == null ? true : sDebugLogSettings + .isDebugLogEnabled(); + + if (record.getLevel().intValue() <= FINE_INT) { + return debugLog; + } + return true; + } + + /** JUL method that forwards log records to Android's LogCat. */ + @Override + public void publish(LogRecord record) { + if (!isLoggable(record)) return; + + final int priority = getAndroidPriority(record.getLevel()); + final String tag = substringAfterLastDot(record.getSourceClassName()); + final String msg = getFormatter().format(record); + + Log.println(priority, tag, msg); + } + + /** Helper to convert JUL verbosity levels to Android's Log. */ + private static int getAndroidPriority(Level level) { + int value = level.intValue(); + if (value >= SEVE_INT) { + return Log.ERROR; + } else if (value >= WARN_INT) { + return Log.WARN; + } else if (value >= INFO_INT) { + return Log.INFO; + } else { + return Log.DEBUG; + } + } + + /** Helper to extract short class names. */ + private static String substringAfterLastDot(String s) { + return s.substring(s.lastIndexOf('.') + 1).trim(); + } +} diff --git a/libs/MemorizingTrustManager/example/src/de/duenndns/mtmexample/MTMExample.java b/libs/MemorizingTrustManager/example/src/de/duenndns/mtmexample/MTMExample.java new file mode 100644 index 00000000..0d16ae82 --- /dev/null +++ b/libs/MemorizingTrustManager/example/src/de/duenndns/mtmexample/MTMExample.java 
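Review bot: In `JULHandler.isLoggable()` a missing `DebugLogSettings` is treated as debug-on, and `LOG_MANAGER_CONFIG` sets the root level to `FINEST`, so an app that only calls `initialize()` forwards every FINE-and-below record to logcat; for a TLS trust library that output may include certificate and host details, and on older Android releases other apps could be granted log access. Defaulting to off would be safer, `final boolean debugLog = sDebugLogSettings != null && sDebugLogSettings.isDebugLogEnabled();`, with the class Javadoc ("If there are no DebugLogSettings configured, then all messages ... will be logged") updated to match. Separately, `publish()` hands `record.getSourceClassName()` straight to `substringAfterLastDot()`, and `LogRecord` allows that value to be null, so a guard such as `String src = record.getSourceClassName(); String tag = src == null ? "JUL" : substringAfterLastDot(src);` keeps the logging path from throwing. `initialize()` also reads the single static `LOG_MANAGER_CONFIG` stream, so a second call (the example's `onCreate()` calls it on each activity creation) presumably sees an already-consumed stream; constructing the stream inside `initialize()` would avoid that.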
@@ -0,0 +1,143 @@ +package de.duenndns.mtmexample; + +import android.app.Activity; +import android.app.AlertDialog; +import android.content.DialogInterface; +import android.os.Bundle; +import android.os.Handler; +import android.view.View; +import android.view.View.OnClickListener; +import android.view.Window; +import android.widget.ArrayAdapter; +import android.widget.EditText; +import android.widget.TextView; + +import java.net.URL; +import java.security.KeyStoreException; +import java.util.ArrayList; +import java.util.Collections; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLContext; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.X509TrustManager; + +import de.duenndns.ssl.MemorizingTrustManager; + +/** + * Example to demonstrate the use of MemorizingTrustManager on HTTPS + * sockets. + */ +public class MTMExample extends Activity implements OnClickListener +{ + MemorizingTrustManager mtm; + + TextView content; + HostnameVerifier defaultverifier; + EditText urlinput; + String text; + Handler hdlr; + + /** Creates the Activity and registers a MemorizingTrustManager. 
*/ + @Override + public void onCreate(Bundle savedInstanceState) + { + super.onCreate(savedInstanceState); + JULHandler.initialize(); + requestWindowFeature(Window.FEATURE_INDETERMINATE_PROGRESS); + setContentView(R.layout.mtmexample); + + + // set up gui elements + findViewById(R.id.connect).setOnClickListener(this); + content = (TextView)findViewById(R.id.content); + urlinput = (EditText)findViewById(R.id.url); + + // register handler for background thread + hdlr = new Handler(); + + // Here, the MemorizingTrustManager is activated for HTTPS + try { + // set location of the keystore + MemorizingTrustManager.setKeyStoreFile("private", "sslkeys.bks"); + + // register MemorizingTrustManager for HTTPS + SSLContext sc = SSLContext.getInstance("TLS"); + mtm = new MemorizingTrustManager(this); + sc.init(null, new X509TrustManager[] { mtm }, + new java.security.SecureRandom()); + HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); + HttpsURLConnection.setDefaultHostnameVerifier( + mtm.wrapHostnameVerifier(HttpsURLConnection.getDefaultHostnameVerifier())); + + // disable redirects to reduce possible confusion + HttpsURLConnection.setFollowRedirects(false); + } catch (Exception e) { + e.printStackTrace(); + } + } + + /** Updates the screen content from a background thread. */ + void setText(final String s, final boolean progress) { + text = s; + hdlr.post(new Runnable() { + public void run() { + content.setText(s); + setProgressBarIndeterminateVisibility(progress); + } + }); + } + + /** Spawns a new thread connecting to the specified URL. + * The result of the request is displayed on the screen. + * @param urlString a HTTPS URL to connect to. 
+ */ + void connect(final String urlString) { + new Thread() { + public void run() { + try { + URL u = new URL(urlString); + HttpsURLConnection c = (HttpsURLConnection)u.openConnection(); + c.connect(); + setText("" + c.getResponseCode() + " " + + c.getResponseMessage(), false); + c.disconnect(); + } catch (Exception e) { + setText(e.toString(), false); + e.printStackTrace(); + } + } + }.start(); + } + + /** Reacts on the connect Button press. */ + @Override + public void onClick(View view) { + String url = urlinput.getText().toString(); + setText("Loading " + url, true); + setProgressBarIndeterminateVisibility(true); + connect(url); + } + + /** React on the "Manage Certificates" button press. */ + public void onManage(View view) { + final ArrayList<String> aliases = Collections.list(mtm.getCertificates()); + ArrayAdapter<String> adapter = new ArrayAdapter<String>(this, android.R.layout.select_dialog_item, aliases); + new AlertDialog.Builder(this).setTitle("Tap Certificate to Delete") + .setNegativeButton(android.R.string.cancel, null) + .setAdapter(adapter, new DialogInterface.OnClickListener() { + @Override + public void onClick(DialogInterface dialog, int which) { + try { + String alias = aliases.get(which); + mtm.deleteCertificate(alias); + setText("Deleted " + alias, false); + } catch (KeyStoreException e) { + e.printStackTrace(); + setText("Error: " + e.getLocalizedMessage(), false); + } + } + }) + .create().show(); + } +} diff --git a/libs/MemorizingTrustManager/libs/.android_sucks b/libs/MemorizingTrustManager/libs/.android_sucks new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/libs/MemorizingTrustManager/libs/.android_sucks diff --git a/libs/MemorizingTrustManager/mtm-notification.png b/libs/MemorizingTrustManager/mtm-notification.png Binary files differnew file mode 100644 index 00000000..d8531790 --- /dev/null +++ b/libs/MemorizingTrustManager/mtm-notification.png 
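Review bot: In `onCreate`, the `catch (Exception e) { e.printStackTrace(); }` around the TLS setup hides a failed registration. If `SSLContext.getInstance` or the `MemorizingTrustManager` constructor throws, the activity keeps running with `mtm` still null, so `onManage` would fail on `mtm.getCertificates()`, and nothing on screen says that the trust manager was not installed. Reporting the failure through the existing helper, e.g. `setText("TLS setup failed: " + e, false);`, and guarding `onManage` with `if (mtm == null) return;` would make that state visible. Since integrators are likely to copy this block, a comment such as `// NOTE: the setDefault* calls below apply to every HttpsURLConnection in this process` above `setDefaultSSLSocketFactory` would also help.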
diff --git a/libs/MemorizingTrustManager/mtm-screenshot.png b/libs/MemorizingTrustManager/mtm-screenshot.png Binary files differnew file mode 100644 index 00000000..41204459 --- /dev/null +++ b/libs/MemorizingTrustManager/mtm-screenshot.png diff --git a/libs/MemorizingTrustManager/mtm-servername.png b/libs/MemorizingTrustManager/mtm-servername.png Binary files differnew file mode 100644 index 00000000..332b5959 --- /dev/null +++ b/libs/MemorizingTrustManager/mtm-servername.png diff --git a/libs/MemorizingTrustManager/proguard-project.txt b/libs/MemorizingTrustManager/proguard-project.txt new file mode 100644 index 00000000..f2fe1559 --- /dev/null +++ b/libs/MemorizingTrustManager/proguard-project.txt @@ -0,0 +1,20 @@ +# To enable ProGuard in your project, edit project.properties +# to define the proguard.config property as described in that file. +# +# Add project specific ProGuard rules here. +# By default, the flags in this file are appended to flags specified +# in ${sdk.dir}/tools/proguard/proguard-android.txt +# You can edit the include path and order by changing the ProGuard +# include property in project.properties. +# +# For more details, see +# http://developer.android.com/guide/developing/tools/proguard.html + +# Add any project specific keep options here: + +# If your project uses WebView with JS, uncomment the following +# and specify the fully qualified class name to the JavaScript interface +# class: +#-keepclassmembers class fqcn.of.javascript.interface.for.webview { +# public *; +#} diff --git a/libs/MemorizingTrustManager/project.properties b/libs/MemorizingTrustManager/project.properties new file mode 100644 index 00000000..c57400d0 --- /dev/null +++ b/libs/MemorizingTrustManager/project.properties 
@@ -0,0 +1,12 @@
+# This file is automatically generated by Android Tools.
+# Do not modify this file -- YOUR CHANGES WILL BE ERASED!
+#
+# This file must be checked in Version Control Systems.
+#
+# To customize properties used by the Ant build system use,
+# "ant.properties", and override values to adapt the script to your
+# project structure.
+
+android.library=true
+# Project target.
+target=android-19
diff --git a/libs/MemorizingTrustManager/res/values-de/strings.xml b/libs/MemorizingTrustManager/res/values-de/strings.xml
new file mode 100644
index 00000000..17682209
--- /dev/null
+++ b/libs/MemorizingTrustManager/res/values-de/strings.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+ <string name="mtm_accept_cert">Unbekanntes Zertifikat akzeptieren?</string>
+ <string name="mtm_trust_anchor">Das Serverzertifikat stammt nicht von einer bekannten Ausstellungsstelle (CA).</string>
+ <string name="mtm_cert_expired">The server certificate is expired.</string>
+ <string name="mtm_accept_servername">Abweichenden Servernamen akzeptieren?</string>
+ <string name="mtm_hostname_mismatch">Der Server konnte sich nicht als \"%s\" ausweisen. Das Zertifikat gilt nur für:</string>
+
+ <string name="mtm_connect_anyway">Verbindung trotzdem aufbauen?</string>
+ <string name="mtm_cert_details">Zertifikat-Details:</string>
+
+ <string name="mtm_decision_always">Immer</string>
+ <string name="mtm_decision_once">Einmal</string>
+ <string name="mtm_decision_abort">Abbrechen</string>
+
+ <string name="mtm_notification">Zertifikatsprüfung</string>
+</resources>
diff --git a/libs/MemorizingTrustManager/res/values-es/strings.xml b/libs/MemorizingTrustManager/res/values-es/strings.xml
new file mode 100644
index 00000000..c989db3c
--- /dev/null
+++ b/libs/MemorizingTrustManager/res/values-es/strings.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+ <string name="mtm_accept_cert">¿Aceptar certicado desconocido?</string>
+ <string name="mtm_trust_anchor">El certificado del servidor no está firmado por una Autoridad Conocida (CA).</string>
+ <string name="mtm_cert_expired">The server certificate is expired.</string>
+ <string name="mtm_accept_servername">¿Aceptar discordancia en nombre del servidor?</string>
+ <string name="mtm_hostname_mismatch">El servidor no ha podido autenticarte como \"%s\". El certificado es solo válido para:</string>
+
+ <string name="mtm_connect_anyway">¿Quieres conectar de todas formas?</string>
+ <string name="mtm_cert_details">Detalle del certificado:</string>
+
+ <string name="mtm_decision_always">Siempre</string>
+ <string name="mtm_decision_once">Una vez</string>
+ <string name="mtm_decision_abort">Abortar</string>
+
+ <string name="mtm_notification">Verificación de Certificado</string>
+</resources>
diff --git a/libs/MemorizingTrustManager/res/values-eu/strings.xml b/libs/MemorizingTrustManager/res/values-eu/strings.xml
new file mode 100644
index 00000000..97e7c32a
--- /dev/null
+++ b/libs/MemorizingTrustManager/res/values-eu/strings.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+ <string name="mtm_accept_cert">Ziurtagiri ezezaguna onartu?</string>
+ <string name="mtm_trust_anchor">Zerbitzariaren ziurtagiria ez dago Ziurtagiri-emaile Autoritate ezagun batez sinatuta.</string>
+ <string name="mtm_cert_expired">Zerbitzariaren ziurtagiria iraungi da.</string>
+ <string name="mtm_accept_servername">Zerbitzariaren izeneko desadostasuna onartu?</string>
+ <string name="mtm_hostname_mismatch">Zerbitzaria ezin izan da \"%s\" bezala autentifikatu. Ziurtagiria soilik honetarako baliagarria da:</string>
+
+ <string name="mtm_connect_anyway">Konektatu hala ere?</string>
+ <string name="mtm_cert_details">Ziurtagiriaren xehetasunak:</string>
+
+ <string name="mtm_decision_always">Beti</string>
+ <string name="mtm_decision_once">Behin</string>
+ <string name="mtm_decision_abort">Utzi</string>
+
+ <string name="mtm_notification">Ziurtagiriaren egiaztapena</string>
+</resources>
diff --git a/libs/MemorizingTrustManager/res/values-fi/strings.xml b/libs/MemorizingTrustManager/res/values-fi/strings.xml
new file mode 100644
index 00000000..2dfe31ac
--- /dev/null
+++ b/libs/MemorizingTrustManager/res/values-fi/strings.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+ <string name="mtm_accept_cert">Hyväksytäänkö palvelimen antama tuntematon varmenne?</string>
+ <string name="mtm_trust_anchor">Palvelimen varmenne ei ole tunnetun varmentajan (CA) allekirjoittama.</string>
+ <string name="mtm_accept_servername">Sallitaanko palvelimen nimi, joka ei vastaa varmeenteessa olevaa nimeä?</string>
+ <string name="mtm_hostname_mismatch">Palvelimella ei ole varmennetta nimelle \"%s\". Varmenteen sisältämät nimet:</string>
+
+ <string name="mtm_connect_anyway">Haluatko jatkaa yhteyden muodostamista?</string>
+ <string name="mtm_cert_details">Sertifikaatin tiedot:</string>
+
+ <string name="mtm_decision_always">Aina</string>
+ <string name="mtm_decision_once">Kerran</string>
+ <string name="mtm_decision_abort">Keskeytä</string>
+
+ <string name="mtm_notification">Varmenteen tarkistus</string>
+</resources>
diff --git a/libs/MemorizingTrustManager/res/values-fr/strings.xml b/libs/MemorizingTrustManager/res/values-fr/strings.xml
new file mode 100644
index 00000000..db27c9af
--- /dev/null
+++ b/libs/MemorizingTrustManager/res/values-fr/strings.xml
@@ -0,0 +1,16 @@ +<?xml version="1.0" encoding="utf-8"?> +<resources> + <string name="mtm_accept_cert">Accept Unknown Certificate?</string> + <string name="mtm_trust_anchor">Le certificat du serveur n’est pas signé par une Autorité de Certification reconnue.</string> + <string name="mtm_accept_servername">Accept Mismatching Server Name?</string> + <string name="mtm_hostname_mismatch">Server could not authenticate as \"%s\". The certificate is only valid for:</string> + + <string name="mtm_connect_anyway">Do you want to connect anyway?</string> + <string name="mtm_cert_details">Détails du certificat :</string> + + <string name="mtm_decision_always">Toujours</string> + <string name="mtm_decision_once">Une seule fois</string> + <string name="mtm_decision_abort">Annuler</string> + + <string name="mtm_notification">Certificate Verification</string> +</resources> diff --git a/libs/MemorizingTrustManager/res/values-no/strings.xml b/libs/MemorizingTrustManager/res/values-no/strings.xml new file mode 100644 index 00000000..8cf9614b --- /dev/null +++ b/libs/MemorizingTrustManager/res/values-no/strings.xml @@ -0,0 +1,16 @@ +<?xml version="1.0" encoding="utf-8"?> +<resources> + <string name="mtm_accept_cert">Godta ukjent sertifikat?</string> + <string name="mtm_trust_anchor">Sertifikatet er ikke utstilt av en kjent utstiller (CA).</string> + <string name="mtm_accept_servername">Godta feil servernavn?</string> + <string name="mtm_hostname_mismatch">Serveren heter ikke \"%s\". Sertifikatet gjelder bare for: </string> + + <string name="mtm_connect_anyway">Vil du bruke serveren likevel?</string> + <string name="mtm_cert_details">Sertifikatdetaljer:</string> + + <string name="mtm_decision_always">Alltid</string> + <string name="mtm_decision_once">En gang</string> + <string name="mtm_decision_abort">Avbryt</string> + + <string name="mtm_notification">Sertifikat-sjekk</string> +</resources> 
diff --git a/libs/MemorizingTrustManager/res/values/strings.xml b/libs/MemorizingTrustManager/res/values/strings.xml
new file mode 100644
index 00000000..c3862889
--- /dev/null
+++ b/libs/MemorizingTrustManager/res/values/strings.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+ <string name="mtm_accept_cert">Accept Unknown Certificate?</string>
+ <string name="mtm_trust_anchor">The server certificate is not signed by a known Certificate Authority.</string>
+ <string name="mtm_cert_expired">The server certificate is expired.</string>
+ <string name="mtm_accept_servername">Accept Mismatching Server Name?</string>
+ <string name="mtm_hostname_mismatch">Server could not authenticate as \"%s\". The certificate is only valid for:</string>
+
+ <string name="mtm_connect_anyway">Do you want to connect anyway?</string>
+ <string name="mtm_cert_details">Certificate details:</string>
+
+ <string name="mtm_decision_always">Always</string>
+ <string name="mtm_decision_once">Once</string>
+ <string name="mtm_decision_abort">Abort</string>
+
+ <string name="mtm_notification">Certificate Verification</string>
+</resources>
diff --git a/libs/MemorizingTrustManager/settings.gradle b/libs/MemorizingTrustManager/settings.gradle
new file mode 100644
index 00000000..ff1d046b
--- /dev/null
+++ b/libs/MemorizingTrustManager/settings.gradle
@@ -0,0 +1 @@
+include ':example'
diff --git a/libs/MemorizingTrustManager/src/de/duenndns/ssl/MTMDecision.java b/libs/MemorizingTrustManager/src/de/duenndns/ssl/MTMDecision.java
new file mode 100644
index 00000000..0efe6b51
--- /dev/null
+++ b/libs/MemorizingTrustManager/src/de/duenndns/ssl/MTMDecision.java
@@ -0,0 +1,33 @@
+/* MemorizingTrustManager - a TrustManager which asks the user about invalid
+ * certificates and memorizes their decision.
+ *
+ * Copyright (c) 2010 Georg Lukas <georg@op-co.de>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+package de.duenndns.ssl;
+
+class MTMDecision {
+ public final static int DECISION_INVALID = 0;
+ public final static int DECISION_ABORT = 1;
+ public final static int DECISION_ONCE = 2;
+ public final static int DECISION_ALWAYS = 3;
+
+ int state = DECISION_INVALID;
+}
diff --git a/libs/MemorizingTrustManager/src/de/duenndns/ssl/MemorizingActivity.java b/libs/MemorizingTrustManager/src/de/duenndns/ssl/MemorizingActivity.java
new file mode 100644
index 00000000..013ac29b
--- /dev/null
+++ b/libs/MemorizingTrustManager/src/de/duenndns/ssl/MemorizingActivity.java
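Review bot: `MTMDecision` documents neither its four states nor who may write `state`, and this holder carries the user's answer to a certificate prompt. In this commit the dialog choice is passed to `MemorizingTrustManager.interactResult`, which presumably stores it here from a different thread than the one waiting for it; that code is outside the visible lines. A class comment such as `/** Holder for one pending user decision; state is one of the DECISION_* constants. */` plus a field comment naming the lock that guards `state` would make the hand-off reviewable. It is also worth stating that `DECISION_INVALID` is the initial, unanswered value and must never be treated as acceptance.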
@@ -0,0 +1,103 @@
+/* MemorizingTrustManager - a TrustManager which asks the user about invalid
+ * certificates and memorizes their decision.
+ *
+ * Copyright (c) 2010 Georg Lukas <georg@op-co.de>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */ +package de.duenndns.ssl; + + +import java.util.logging.Level; +import java.util.logging.Logger; + +import android.app.Activity; +import android.app.AlertDialog; +import android.content.DialogInterface; +import android.content.DialogInterface.*; +import android.content.Intent; +import android.os.Bundle; + +public class MemorizingActivity extends Activity + implements OnClickListener,OnCancelListener { + + private final static Logger LOGGER = Logger.getLogger(MemorizingActivity.class.getName()); + + int decisionId; + + AlertDialog dialog; + + @Override + public void onCreate(Bundle savedInstanceState) { + LOGGER.log(Level.FINE, "onCreate"); + super.onCreate(savedInstanceState); + } + + @Override + public void onResume() { + super.onResume(); + Intent i = getIntent(); + decisionId = i.getIntExtra(MemorizingTrustManager.DECISION_INTENT_ID, MTMDecision.DECISION_INVALID); + int titleId = i.getIntExtra(MemorizingTrustManager.DECISION_TITLE_ID, R.string.mtm_accept_cert); + String cert = i.getStringExtra(MemorizingTrustManager.DECISION_INTENT_CERT); + LOGGER.log(Level.FINE, "onResume with " + i.getExtras() + " decId=" + decisionId + " data: " + i.getData()); + dialog = new AlertDialog.Builder(this).setTitle(titleId) + .setMessage(cert) + .setPositiveButton(R.string.mtm_decision_always, this) + .setNeutralButton(R.string.mtm_decision_once, this) + .setNegativeButton(R.string.mtm_decision_abort, this) + .setOnCancelListener(this) + .create(); + dialog.show(); + } + + @Override + protected void onPause() { + if (dialog.isShowing()) + dialog.dismiss(); + super.onPause(); + } + + void sendDecision(int decision) { + LOGGER.log(Level.FINE, "Sending decision: " + decision); + MemorizingTrustManager.interactResult(decisionId, decision); + finish(); + } + + // react on AlertDialog button press + public void onClick(DialogInterface dialog, int btnId) { + int decision; + dialog.dismiss(); + switch (btnId) { + case DialogInterface.BUTTON_POSITIVE: + decision = 
MTMDecision.DECISION_ALWAYS; + break; + case DialogInterface.BUTTON_NEUTRAL: + decision = MTMDecision.DECISION_ONCE; + break; + default: + decision = MTMDecision.DECISION_ABORT; + } + sendDecision(decision); + } + + public void onCancel(DialogInterface dialog) { + sendDecision(MTMDecision.DECISION_ABORT); + } +} diff --git a/libs/MemorizingTrustManager/src/de/duenndns/ssl/MemorizingTrustManager.java b/libs/MemorizingTrustManager/src/de/duenndns/ssl/MemorizingTrustManager.java new file mode 100644 index 00000000..9032ba25 --- /dev/null +++ b/libs/MemorizingTrustManager/src/de/duenndns/ssl/MemorizingTrustManager.java 
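Review bot: In `onResume`, the fallback for a missing `DECISION_INTENT_ID` extra is `MTMDecision.DECISION_INVALID`, which is a decision state rather than an id. Its value 0 is also the first id handed out by `createDecisionId` in MemorizingTrustManager.java, where the counter starts at 0. An intent without the extra would therefore be answered as if it belonged to pending decision 0, as far as the visible code shows (`interactResult` itself is outside this view). A sentinel that cannot be a real id avoids that: `decisionId = i.getIntExtra(MemorizingTrustManager.DECISION_INTENT_ID, -1);` followed by `if (decisionId < 0) { finish(); return; }`. The `LOGGER.log` call that follows also writes the full intent extras, including the certificate text, at FINE; logging only the id would keep that out of the log.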
@@ -0,0 +1,735 @@ +/* MemorizingTrustManager - a TrustManager which asks the user about invalid + * certificates and memorizes their decision. + * + * Copyright (c) 2010 Georg Lukas <georg@op-co.de> + * + * MemorizingTrustManager.java contains the actual trust manager and interface + * code to create a MemorizingActivity and obtain the results. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. 
+ */ +package de.duenndns.ssl; + +import android.app.Activity; +import android.app.Application; +import android.app.Notification; +import android.app.NotificationManager; +import android.app.Service; +import android.app.PendingIntent; +import android.content.Context; +import android.content.Intent; +import android.net.Uri; +import android.util.SparseArray; +import android.os.Handler; + +import java.io.File; +import java.io.IOException; +import java.security.cert.*; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.MessageDigest; +import java.util.logging.Level; +import java.util.logging.Logger; +import java.text.SimpleDateFormat; +import java.util.Collection; +import java.util.Enumeration; +import java.util.List; +import java.util.Locale; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLSession; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactory; +import javax.net.ssl.X509TrustManager; + +/** + * A X509 trust manager implementation which asks the user about invalid + * certificates and memorizes their decision. + * <p> + * The certificate validity is checked using the system default X509 + * TrustManager, creating a query Dialog if the check fails. + * <p> + * <b>WARNING:</b> This only works if a dedicated thread is used for + * opening sockets! 
+ */ +public class MemorizingTrustManager implements X509TrustManager { + final static String DECISION_INTENT = "de.duenndns.ssl.DECISION"; + final static String DECISION_INTENT_ID = DECISION_INTENT + ".decisionId"; + final static String DECISION_INTENT_CERT = DECISION_INTENT + ".cert"; + final static String DECISION_INTENT_CHOICE = DECISION_INTENT + ".decisionChoice"; + + private final static Logger LOGGER = Logger.getLogger(MemorizingTrustManager.class.getName()); + final static String DECISION_TITLE_ID = DECISION_INTENT + ".titleId"; + private final static int NOTIFICATION_ID = 100509; + + final static String NO_TRUST_ANCHOR = "Trust anchor for certification path not found."; + + static String KEYSTORE_DIR = "KeyStore"; + static String KEYSTORE_FILE = "KeyStore.bks"; + + Context master; + Activity foregroundAct; + NotificationManager notificationManager; + private static int decisionId = 0; + private static SparseArray<MTMDecision> openDecisions = new SparseArray<MTMDecision>(); + + Handler masterHandler; + private File keyStoreFile; + private KeyStore appKeyStore; + private X509TrustManager defaultTrustManager; + private X509TrustManager appTrustManager; + + /** Creates an instance of the MemorizingTrustManager class that falls back to a custom TrustManager. + * + * You need to supply the application context. This has to be one of: + * - Application + * - Activity + * - Service + * + * The context is used for file management, to display the dialog / + * notification and for obtaining translated strings. + * + * @param m Context for the application. + * @param defaultTrustManager Delegate trust management to this TM. If null, the user must accept every certificate. 
+ */ + public MemorizingTrustManager(Context m, X509TrustManager defaultTrustManager) { + init(m); + this.appTrustManager = getTrustManager(appKeyStore); + this.defaultTrustManager = defaultTrustManager; + } + + /** Creates an instance of the MemorizingTrustManager class using the system X509TrustManager. + * + * You need to supply the application context. This has to be one of: + * - Application + * - Activity + * - Service + * + * The context is used for file management, to display the dialog / + * notification and for obtaining translated strings. + * + * @param m Context for the application. + */ + public MemorizingTrustManager(Context m) { + init(m); + this.appTrustManager = getTrustManager(appKeyStore); + this.defaultTrustManager = getTrustManager(null); + } + + void init(Context m) { + master = m; + masterHandler = new Handler(m.getMainLooper()); + notificationManager = (NotificationManager)master.getSystemService(Context.NOTIFICATION_SERVICE); + + Application app; + if (m instanceof Application) { + app = (Application)m; + } else if (m instanceof Service) { + app = ((Service)m).getApplication(); + } else if (m instanceof Activity) { + app = ((Activity)m).getApplication(); + } else throw new ClassCastException("MemorizingTrustManager context must be either Activity or Service!"); + + File dir = app.getDir(KEYSTORE_DIR, Context.MODE_PRIVATE); + keyStoreFile = new File(dir + File.separator + KEYSTORE_FILE); + + appKeyStore = loadAppKeyStore(); + } + + + /** + * Returns a X509TrustManager list containing a new instance of + * TrustManagerFactory. + * + * This function is meant for convenience only. 
You can use it + * as follows to integrate TrustManagerFactory for HTTPS sockets: + * + * <pre> + * SSLContext sc = SSLContext.getInstance("TLS"); + * sc.init(null, MemorizingTrustManager.getInstanceList(this), + * new java.security.SecureRandom()); + * HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); + * </pre> + * @param c Activity or Service to show the Dialog / Notification + */ + public static X509TrustManager[] getInstanceList(Context c) { + return new X509TrustManager[] { new MemorizingTrustManager(c) }; + } + + /** + * Binds an Activity to the MTM for displaying the query dialog. + * + * This is useful if your connection is run from a service that is + * triggered by user interaction -- in such cases the activity is + * visible and the user tends to ignore the service notification. + * + * You should never have a hidden activity bound to MTM! Use this + * function in onResume() and @see unbindDisplayActivity in onPause(). + * + * @param act Activity to be bound + */ + public void bindDisplayActivity(Activity act) { + foregroundAct = act; + } + + /** + * Removes an Activity from the MTM display stack. + * + * Always call this function when the Activity added with + * {@link #bindDisplayActivity(Activity)} is hidden. + * + * @param act Activity to be unbound + */ + public void unbindDisplayActivity(Activity act) { + // do not remove if it was overridden by a different activity + if (foregroundAct == act) + foregroundAct = null; + } + + /** + * Changes the path for the KeyStore file. + * + * The actual filename relative to the app's directory will be + * <code>app_<i>dirname</i>/<i>filename</i></code>. + * + * @param dirname directory to store the KeyStore. + * @param filename file name for the KeyStore. + */ + public static void setKeyStoreFile(String dirname, String filename) { + KEYSTORE_DIR = dirname; + KEYSTORE_FILE = filename; + } + + /** + * Get a list of all certificate aliases stored in MTM. 
+ * + * @return an {@link Enumeration} of all certificates + */ + public Enumeration<String> getCertificates() { + try { + return appKeyStore.aliases(); + } catch (KeyStoreException e) { + // this should never happen, however... + throw new RuntimeException(e); + } + } + + /** + * Get a certificate for a given alias. + * + * @param alias the certificate's alias as returned by {@link #getCertificates()}. + * + * @return the certificate associated with the alias or <tt>null</tt> if none found. + */ + public Certificate getCertificate(String alias) { + try { + return appKeyStore.getCertificate(alias); + } catch (KeyStoreException e) { + // this should never happen, however... + throw new RuntimeException(e); + } + } + + /** + * Removes the given certificate from MTMs key store. + * + * <p> + * <b>WARNING</b>: this does not immediately invalidate the certificate. It is + * well possible that (a) data is transmitted over still existing connections or + * (b) new connections are created using TLS renegotiation, without a new cert + * check. + * </p> + * @param alias the certificate's alias as returned by {@link #getCertificates()}. + * + * @throws KeyStoreException if the certificate could not be deleted. + */ + public void deleteCertificate(String alias) throws KeyStoreException { + appKeyStore.deleteEntry(alias); + keyStoreUpdated(); + } + + /** + * Creates a new hostname verifier supporting user interaction. + * + * <p>This method creates a new {@link HostnameVerifier} that is bound to + * the given instance of {@link MemorizingTrustManager}, and leverages an + * existing {@link HostnameVerifier}. 
The returned verifier performs the
+ * following steps, returning as soon as one of them succeeds:
+ * </p>
+ * <ol>
+ * <li>Success, if the wrapped defaultVerifier accepts the certificate.</li>
+ * <li>Success, if the server certificate is stored in the keystore under the given hostname.</li>
+ * <li>Ask the user and return accordingly.</li>
+ * <li>Failure on exception.</li>
+ * </ol>
+ *
+ * @param defaultVerifier the {@link HostnameVerifier} that should perform the actual check
+ * @return a new hostname verifier using the MTM's key store
+ *
+ * @throws IllegalArgumentException if the defaultVerifier parameter is null
+ */
+ public HostnameVerifier wrapHostnameVerifier(final HostnameVerifier defaultVerifier) {
+ if (defaultVerifier == null)
+ throw new IllegalArgumentException("The default verifier may not be null");
+
+ return new MemorizingHostnameVerifier(defaultVerifier);
+ }
+
+ public HostnameVerifier wrapHostnameVerifierNonInteractive(final HostnameVerifier defaultVerifier) {
+ if (defaultVerifier == null)
+ throw new IllegalArgumentException("The default verifier may not be null");
+
+ return new NonInteractiveMemorizingHostnameVerifier(defaultVerifier);
+ }
+
+ X509TrustManager getTrustManager(KeyStore ks) {
+ try {
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
+ tmf.init(ks);
+ for (TrustManager t : tmf.getTrustManagers()) {
+ if (t instanceof X509TrustManager) {
+ return (X509TrustManager)t;
+ }
+ }
+ } catch (Exception e) {
+ // Here, we are covering up errors. It might be more useful
+ // however to throw them out of the constructor so the
+ // embedding app knows something went wrong.
+ LOGGER.log(Level.SEVERE, "getTrustManager(" + ks + ")", e);
+ }
+ return null;
+ }
+
+ KeyStore loadAppKeyStore() {
+ KeyStore ks;
+ try {
+ ks = KeyStore.getInstance(KeyStore.getDefaultType());
+ } catch (KeyStoreException e) {
+ LOGGER.log(Level.SEVERE, "getAppKeyStore()", e);
+ return null;
+ }
+ try {
+ ks.load(null, null);
+ ks.load(new java.io.FileInputStream(keyStoreFile), "MTM".toCharArray());
+ } catch (java.io.FileNotFoundException e) {
+ LOGGER.log(Level.INFO, "getAppKeyStore(" + keyStoreFile + ") - file does not exist");
+ } catch (Exception e) {
+ LOGGER.log(Level.SEVERE, "getAppKeyStore(" + keyStoreFile + ")", e);
+ }
+ return ks;
+ }
+
+ void storeCert(String alias, Certificate cert) {
+ try {
+ appKeyStore.setCertificateEntry(alias, cert);
+ } catch (KeyStoreException e) {
+ LOGGER.log(Level.SEVERE, "storeCert(" + cert + ")", e);
+ return;
+ }
+ keyStoreUpdated();
+ }
+
+ void storeCert(X509Certificate cert) {
+ storeCert(cert.getSubjectDN().toString(), cert);
+ }
+
+ void keyStoreUpdated() {
+ // reload appTrustManager
+ appTrustManager = getTrustManager(appKeyStore);
+
+ // store KeyStore to file
+ java.io.FileOutputStream fos = null;
+ try {
+ fos = new java.io.FileOutputStream(keyStoreFile);
+ appKeyStore.store(fos, "MTM".toCharArray());
+ } catch (Exception e) {
+ LOGGER.log(Level.SEVERE, "storeCert(" + keyStoreFile + ")", e);
+ } finally {
+ if (fos != null) {
+ try {
+ fos.close();
+ } catch (IOException e) {
+ LOGGER.log(Level.SEVERE, "storeCert(" + keyStoreFile + ")", e);
+ }
+ }
+ }
+ }
+
+ // if the certificate is stored in the app key store, it is considered "known"
+ private boolean isCertKnown(X509Certificate cert) {
+ try {
+ return appKeyStore.getCertificateAlias(cert) != null;
+ } catch (KeyStoreException e) {
+ return false;
+ }
+ }
+
+ private boolean isExpiredException(Throwable e) {
+ do {
+ if (e instanceof CertificateExpiredException)
+ return true;
+ e = e.getCause();
+ } while (e != null);
+ return false;
+ }
+
+ public void checkCertTrusted(X509Certificate[] chain, String authType, boolean isServer, boolean interactive)
+ throws CertificateException
+ {
+ LOGGER.log(Level.FINE, "checkCertTrusted(" + chain + ", " + authType + ", " + isServer + ")");
+ try {
+ LOGGER.log(Level.FINE, "checkCertTrusted: trying appTrustManager");
+ if (isServer)
+ appTrustManager.checkServerTrusted(chain, authType);
+ else
+ appTrustManager.checkClientTrusted(chain, authType);
+ } catch (CertificateException ae) {
+ LOGGER.log(Level.FINER, "checkCertTrusted: appTrustManager failed", ae);
+ // if the cert is stored in our appTrustManager, we ignore expiredness
+ if (isExpiredException(ae)) {
+ LOGGER.log(Level.INFO, "checkCertTrusted: accepting expired certificate from keystore");
+ return;
+ }
+ if (isCertKnown(chain[0])) {
+ LOGGER.log(Level.INFO, "checkCertTrusted: accepting cert already stored in keystore");
+ return;
+ }
+ try {
+ if (defaultTrustManager == null)
+ throw ae;
+ LOGGER.log(Level.FINE, "checkCertTrusted: trying defaultTrustManager");
+ if (isServer)
+ defaultTrustManager.checkServerTrusted(chain, authType);
+ else
+ defaultTrustManager.checkClientTrusted(chain, authType);
+ } catch (CertificateException e) {
+ e.printStackTrace();
+ if (interactive) {
+ interactCert(chain, authType, e);
+ } else {
+ throw e;
+ }
+ }
+ }
+ }
+
+ public void checkClientTrusted(X509Certificate[] chain, String authType)
+ throws CertificateException
+ {
+ checkCertTrusted(chain, authType, false,true);
+ }
+
+ public void checkServerTrusted(X509Certificate[] chain, String authType)
+ throws CertificateException
+ {
+ checkCertTrusted(chain, authType, true,true);
+ }
+
+ public X509Certificate[] getAcceptedIssuers()
+ {
+ LOGGER.log(Level.FINE, "getAcceptedIssuers()");
+ return defaultTrustManager.getAcceptedIssuers();
+ }
+
+ private int createDecisionId(MTMDecision d) {
+ int myId;
+ synchronized(openDecisions) {
+ myId = decisionId;
+ openDecisions.put(myId, d);
+ decisionId += 1;
+ }
+ return myId;
+ }
+
+ private static String hexString(byte[] data) {
+ StringBuffer si = new StringBuffer();
+ for (int i = 0; i < data.length; i++) {
+ si.append(String.format("%02x", data[i]));
+ if (i < data.length - 1)
+ si.append(":");
+ }
+ return si.toString();
+ }
+
+ private static String certHash(final X509Certificate cert, String digest) {
+ try {
+ MessageDigest md = MessageDigest.getInstance(digest);
+ md.update(cert.getEncoded());
+ return hexString(md.digest());
+ } catch (java.security.cert.CertificateEncodingException e) {
+ return e.getMessage();
+ } catch (java.security.NoSuchAlgorithmException e) {
+ return e.getMessage();
+ }
+ }
+
+ private void certDetails(StringBuffer si, X509Certificate c) {
+ SimpleDateFormat validityDateFormater = new SimpleDateFormat("yyyy-MM-dd");
+ si.append("\n");
+ si.append(c.getSubjectDN().toString());
+ si.append("\n");
+ si.append(validityDateFormater.format(c.getNotBefore()));
+ si.append(" - ");
+ si.append(validityDateFormater.format(c.getNotAfter()));
+ si.append("\nSHA-256: ");
+ si.append(certHash(c, "SHA-256"));
+ si.append("\nSHA-1: ");
+ si.append(certHash(c, "SHA-1"));
+ si.append("\nSigned by: ");
+ si.append(c.getIssuerDN().toString());
+ si.append("\n");
+ }
+
+ private String certChainMessage(final X509Certificate[] chain, CertificateException cause) {
+ Throwable e = cause;
+ LOGGER.log(Level.FINE, "certChainMessage for " + e);
+ StringBuffer si = new StringBuffer();
+ if (e.getCause() != null) {
+ e = e.getCause();
+ // HACK: there is no sane way to check if the error is a "trust anchor
+ // not found", so we use string comparison.
+ if (NO_TRUST_ANCHOR.equals(e.getMessage())) {
+ si.append(master.getString(R.string.mtm_trust_anchor));
+ } else
+ si.append(e.getLocalizedMessage());
+ si.append("\n");
+ }
+ si.append("\n");
+ si.append(master.getString(R.string.mtm_connect_anyway));
+ si.append("\n\n");
+ si.append(master.getString(R.string.mtm_cert_details));
+ for (X509Certificate c : chain) {
+ certDetails(si, c);
+ }
+ return si.toString();
+ }
+
+ private String hostNameMessage(X509Certificate cert, String hostname) {
+ StringBuffer si = new StringBuffer();
+
+ si.append(master.getString(R.string.mtm_hostname_mismatch, hostname));
+ si.append("\n\n");
+ try {
+ Collection<List<?>> sans = cert.getSubjectAlternativeNames();
+ if (sans == null) {
+ si.append(cert.getSubjectDN());
+ si.append("\n");
+ } else for (List<?> altName : sans) {
+ Object name = altName.get(1);
+ if (name instanceof String) {
+ si.append("[");
+ si.append((Integer)altName.get(0));
+ si.append("] ");
+ si.append(name);
+ si.append("\n");
+ }
+ }
+ } catch (CertificateParsingException e) {
+ e.printStackTrace();
+ si.append("<Parsing error: ");
+ si.append(e.getLocalizedMessage());
+ si.append(">\n");
+ }
+ si.append("\n");
+ si.append(master.getString(R.string.mtm_connect_anyway));
+ si.append("\n\n");
+ si.append(master.getString(R.string.mtm_cert_details));
+ certDetails(si, cert);
+ return si.toString();
+ }
+
+ // We can use Notification.Builder once MTM's minSDK is >= 11
+ @SuppressWarnings("deprecation")
+ void startActivityNotification(Intent intent, int decisionId, String certName) {
+ Notification n = new Notification(android.R.drawable.ic_lock_lock,
+ master.getString(R.string.mtm_notification),
+ System.currentTimeMillis());
+ PendingIntent call = PendingIntent.getActivity(master, 0, intent, 0);
+ n.setLatestEventInfo(master.getApplicationContext(),
+ master.getString(R.string.mtm_notification),
+ certName, call);
+ n.flags |= Notification.FLAG_AUTO_CANCEL;
+
+ notificationManager.notify(NOTIFICATION_ID + decisionId, n);
+ }
+
+ /**
+ * Returns the top-most entry of the activity stack.
+ *
+ * @return the Context of the currently bound UI or the master context if none is bound
+ */
+ Context getUI() {
+ return (foregroundAct != null) ? foregroundAct : master;
+ }
+
+ int interact(final String message, final int titleId) {
+ /* prepare the MTMDecision blocker object */
+ MTMDecision choice = new MTMDecision();
+ final int myId = createDecisionId(choice);
+
+ masterHandler.post(new Runnable() {
+ public void run() {
+ Intent ni = new Intent(master, MemorizingActivity.class);
+ ni.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
+ ni.setData(Uri.parse(MemorizingTrustManager.class.getName() + "/" + myId));
+ ni.putExtra(DECISION_INTENT_ID, myId);
+ ni.putExtra(DECISION_INTENT_CERT, message);
+ ni.putExtra(DECISION_TITLE_ID, titleId);
+
+ // we try to directly start the activity and fall back to
+ // making a notification
+ try {
+ getUI().startActivity(ni);
+ } catch (Exception e) {
+ LOGGER.log(Level.FINE, "startActivity(MemorizingActivity)", e);
+ startActivityNotification(ni, myId, message);
+ }
+ }
+ });
+
+ LOGGER.log(Level.FINE, "openDecisions: " + openDecisions + ", waiting on " + myId);
+ try {
+ synchronized(choice) { choice.wait(); }
+ } catch (InterruptedException e) {
+ LOGGER.log(Level.FINER, "InterruptedException", e);
+ }
+ LOGGER.log(Level.FINE, "finished wait on " + myId + ": " + choice.state);
+ return choice.state;
+ }
+
+ void interactCert(final X509Certificate[] chain, String authType, CertificateException cause)
+ throws CertificateException
+ {
+ switch (interact(certChainMessage(chain, cause), R.string.mtm_accept_cert)) {
+ case MTMDecision.DECISION_ALWAYS:
+ storeCert(chain[0]); // only store the server cert, not the whole chain
+ case MTMDecision.DECISION_ONCE:
+ break;
+ default:
+ throw (cause);
+ }
+ }
+
+ boolean interactHostname(X509Certificate cert, String hostname)
+ {
+ switch (interact(hostNameMessage(cert, hostname), R.string.mtm_accept_servername)) {
+ case MTMDecision.DECISION_ALWAYS:
+ storeCert(hostname, cert);
+ case MTMDecision.DECISION_ONCE:
+ return true;
+ default:
+ return false;
+ }
+ }
+
+ protected static void interactResult(int decisionId, int choice) {
+ MTMDecision d;
+ synchronized(openDecisions) {
+ d = openDecisions.get(decisionId);
+ openDecisions.remove(decisionId);
+ }
+ if (d == null) {
+ LOGGER.log(Level.SEVERE, "interactResult: aborting due to stale decision reference!");
+ return;
+ }
+ synchronized(d) {
+ d.state = choice;
+ d.notify();
+ }
+ }
+
+ class MemorizingHostnameVerifier implements HostnameVerifier {
+ private HostnameVerifier defaultVerifier;
+
+ public MemorizingHostnameVerifier(HostnameVerifier wrapped) {
+ defaultVerifier = wrapped;
+ }
+
+ protected boolean verify(String hostname, SSLSession session, boolean interactive) {
+ LOGGER.log(Level.FINE, "hostname verifier for " + hostname + ", trying default verifier first");
+ // if the default verifier accepts the hostname, we are done
+ if (defaultVerifier.verify(hostname, session)) {
+ LOGGER.log(Level.FINE, "default verifier accepted " + hostname);
+ return true;
+ }
+ // otherwise, we check if the hostname is an alias for this cert in our keystore
+ try {
+ X509Certificate cert = (X509Certificate)session.getPeerCertificates()[0];
+ //Log.d(TAG, "cert: " + cert);
+ if (cert.equals(appKeyStore.getCertificate(hostname.toLowerCase(Locale.US)))) {
+ LOGGER.log(Level.FINE, "certificate for " + hostname + " is in our keystore. accepting.");
+ return true;
+ } else {
+ LOGGER.log(Level.FINE, "server " + hostname + " provided wrong certificate, asking user.");
+ if (interactive) {
+ return interactHostname(cert, hostname);
+ } else {
+ return false;
+ }
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ return false;
+ }
+ }
+
+ @Override
+ public boolean verify(String hostname, SSLSession session) {
+ return verify(hostname, session, true);
+ }
+ }
+
+ class NonInteractiveMemorizingHostnameVerifier extends MemorizingHostnameVerifier {
+
+ public NonInteractiveMemorizingHostnameVerifier(HostnameVerifier wrapped) {
+ super(wrapped);
+ }
+ @Override
+ public boolean verify(String hostname, SSLSession session) {
+ return verify(hostname, session, true);
+ }
+
+
+ }
+
+ public X509TrustManager getNonInteractive() {
+ return new NonInteractiveMemorizingTrustManager();
+ }
+
+ private class NonInteractiveMemorizingTrustManager implements X509TrustManager {
+
+ @Override
+ public void checkClientTrusted(X509Certificate[] chain, String authType)
+ throws CertificateException {
+ MemorizingTrustManager.this.checkCertTrusted(chain, authType, false, false);
+ }
+
+ @Override
+ public void checkServerTrusted(X509Certificate[] chain, String authType)
+ throws CertificateException {
+ MemorizingTrustManager.this.checkCertTrusted(chain, authType, true, false);
+ }
+
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ return MemorizingTrustManager.this.getAcceptedIssuers();
+ }
+
+ }
+}
diff --git a/libs/android-support-v13.jar b/libs/android-support-v13.jar
Binary files differ
deleted file mode 100644
index cd47212b..00000000
--- a/libs/android-support-v13.jar
+++ /dev/null
diff --git a/libs/bcprov-jdk15on-150.jar b/libs/bcprov-jdk15on-150.jar
Binary files differ
deleted file mode 100644
index d4b510d7..00000000
--- a/libs/bcprov-jdk15on-150.jar
+++ /dev/null
diff --git a/libs/minidns b/libs/minidns
deleted file mode 160000
-Subproject 152be6eb1a22da8cebe24ac4ee05b487936c9f2
diff --git a/libs/minidns/.gitignore b/libs/minidns/.gitignore
new file mode 100644
index 00000000..2362cd05
--- /dev/null
+++ b/libs/minidns/.gitignore
@@ -0,0 +1,107 @@
+# From https://github.com/github/gitignore
+
+# # # # # # # # # # # #
+# Android gitignore #
+# # # # # # # # # # # #
+
+# Built application files
+*.apk
+*.ap_
+
+# Files for the Dalvik VM
+*.dex
+
+# Java class files
+*.class
+
+# Generated files
+bin/
+gen/
+
+# Gradle files
+.gradle/
+build/
+
+# Local configuration file (sdk path, etc)
+local.properties
+gradle.properties
+
+# Proguard folder generated by Eclipse
+proguard/
+
+# # # # # # # #
+# VIM / Linux #
+# # # # # # # #
+
+[._]*.s[a-w][a-z]
+[._]s[a-w][a-z]
+*.un~
+Session.vim
+.netrwhist
+*~
+.directory
+
+# # # # # #
+# Eclipse #
+# # # # # #
+
+*.pydevproject
+.metadata
+.gradle
+bin/
+tmp/
+*.tmp
+*.bak
+*.swp
+*~.nib
+local.properties
+.settings/
+.loadpath
+.classpath
+.project
+
+# External tool builders
+.externalToolBuilders/
+
+# Locally stored "Eclipse launch configurations"
+*.launch
+
+# CDT-specific
+.cproject
+
+# PDT-specific
+.buildpath
+
+# sbteclipse plugin
+.target
+
+# TeXlipse plugin
+.texlipse
+
+# # # # #
+# OS X #
+# # # # #
+
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must ends with two \r.
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear on external disk
+.Spotlight-V100
+.Trashes
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+
diff --git a/libs/minidns/LICENCE b/libs/minidns/LICENCE
new file mode 100644
index 00000000..4c2ee7c0
--- /dev/null
+++ b/libs/minidns/LICENCE
@@ -0,0 +1,4 @@
+This software may be used under the terms of (at your choice)
+- LGPL version 2 (or later) (see LICENCE_LGPL2.1 for details)
+- Apache Software licence (see LICENCE_APACHE for details)
+- WTFPL (see LICENCE_WTFPL for details)
diff --git a/libs/minidns/LICENCE_APACHE b/libs/minidns/LICENCE_APACHE
new file mode 100644
index 00000000..e454a525
--- /dev/null
+++ b/libs/minidns/LICENCE_APACHE
@@ -0,0 +1,178 @@
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
diff --git a/libs/minidns/LICENCE_LGPL2.1 b/libs/minidns/LICENCE_LGPL2.1
new file mode 100644
index 00000000..51a70cae
--- /dev/null
+++ b/libs/minidns/LICENCE_LGPL2.1
@@ -0,0 +1,503 @@ + GNU LESSER GENERAL PUBLIC LICENSE + Version 2.1, February 1999 + + Copyright (C) 1991, 1999 Free Software Foundation, Inc. + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + +[This is the first released version of the Lesser GPL. It also counts + as the successor of the GNU Library Public License, version 2, hence + the version number 2.1.] + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +Licenses are intended to guarantee your freedom to share and change +free software--to make sure the software is free for all its users. + + This license, the Lesser General Public License, applies to some +specially designated software packages--typically libraries--of the +Free Software Foundation and other authors who decide to use it. You +can use it too, but we suggest you first think carefully about whether +this license or the ordinary General Public License is the better +strategy to use in any particular case, based on the explanations below. + + When we speak of free software, we are referring to freedom of use, +not price. Our General Public Licenses are designed to make sure that +you have the freedom to distribute copies of free software (and charge +for this service if you wish); that you receive source code or can get +it if you want it; that you can change the software and use pieces of +it in new free programs; and that you are informed that you can do +these things. + + To protect your rights, we need to make restrictions that forbid +distributors to deny you these rights or to ask you to surrender these +rights. These restrictions translate to certain responsibilities for +you if you distribute copies of the library or if you modify it. 
+ + For example, if you distribute copies of the library, whether gratis +or for a fee, you must give the recipients all the rights that we gave +you. You must make sure that they, too, receive or can get the source +code. If you link other code with the library, you must provide +complete object files to the recipients, so that they can relink them +with the library after making changes to the library and recompiling +it. And you must show them these terms so they know their rights. + + We protect your rights with a two-step method: (1) we copyright the +library, and (2) we offer you this license, which gives you legal +permission to copy, distribute and/or modify the library. + + To protect each distributor, we want to make it very clear that +there is no warranty for the free library. Also, if the library is +modified by someone else and passed on, the recipients should know +that what they have is not the original version, so that the original +author's reputation will not be affected by problems that might be +introduced by others. + + Finally, software patents pose a constant threat to the existence of +any free program. We wish to make sure that a company cannot +effectively restrict the users of a free program by obtaining a +restrictive license from a patent holder. Therefore, we insist that +any patent license obtained for a version of the library must be +consistent with the full freedom of use specified in this license. + + Most GNU software, including some libraries, is covered by the +ordinary GNU General Public License. This license, the GNU Lesser +General Public License, applies to certain designated libraries, and +is quite different from the ordinary General Public License. We use +this license for certain libraries in order to permit linking those +libraries into non-free programs. 
+ + When a program is linked with a library, whether statically or using +a shared library, the combination of the two is legally speaking a +combined work, a derivative of the original library. The ordinary +General Public License therefore permits such linking only if the +entire combination fits its criteria of freedom. The Lesser General +Public License permits more lax criteria for linking other code with +the library. + + We call this license the "Lesser" General Public License because it +does Less to protect the user's freedom than the ordinary General +Public License. It also provides other free software developers Less +of an advantage over competing non-free programs. These disadvantages +are the reason we use the ordinary General Public License for many +libraries. However, the Lesser license provides advantages in certain +special circumstances. + + For example, on rare occasions, there may be a special need to +encourage the widest possible use of a certain library, so that it becomes +a de-facto standard. To achieve this, non-free programs must be +allowed to use the library. A more frequent case is that a free +library does the same job as widely used non-free libraries. In this +case, there is little to gain by limiting the free library to free +software only, so we use the Lesser General Public License. + + In other cases, permission to use a particular library in non-free +programs enables a greater number of people to use a large body of +free software. For example, permission to use the GNU C Library in +non-free programs enables many more people to use the whole GNU +operating system, as well as its variant, the GNU/Linux operating +system. + + Although the Lesser General Public License is Less protective of the +users' freedom, it does ensure that the user of a program that is +linked with the Library has the freedom and the wherewithal to run +that program using a modified version of the Library. 
+ + The precise terms and conditions for copying, distribution and +modification follow. Pay close attention to the difference between a +"work based on the library" and a "work that uses the library". The +former contains code derived from the library, whereas the latter must +be combined with the library in order to run. + + GNU LESSER GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License Agreement applies to any software library or other +program which contains a notice placed by the copyright holder or +other authorized party saying it may be distributed under the terms of +this Lesser General Public License (also called "this License"). +Each licensee is addressed as "you". + + A "library" means a collection of software functions and/or data +prepared so as to be conveniently linked with application programs +(which use some of those functions and data) to form executables. + + The "Library", below, refers to any such software library or work +which has been distributed under these terms. A "work based on the +Library" means either the Library or any derivative work under +copyright law: that is to say, a work containing the Library or a +portion of it, either verbatim or with modifications and/or translated +straightforwardly into another language. (Hereinafter, translation is +included without limitation in the term "modification".) + + "Source code" for a work means the preferred form of the work for +making modifications to it. For a library, complete source code means +all the source code for all modules it contains, plus any associated +interface definition files, plus the scripts used to control compilation +and installation of the library. + + Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. 
The act of +running a program using the Library is not restricted, and output from +such a program is covered only if its contents constitute a work based +on the Library (independent of the use of the Library in a tool for +writing it). Whether that is true depends on what the Library does +and what the program that uses the Library does. + + 1. You may copy and distribute verbatim copies of the Library's +complete source code as you receive it, in any medium, provided that +you conspicuously and appropriately publish on each copy an +appropriate copyright notice and disclaimer of warranty; keep intact +all the notices that refer to this License and to the absence of any +warranty; and distribute a copy of this License along with the +Library. + + You may charge a fee for the physical act of transferring a copy, +and you may at your option offer warranty protection in exchange for a +fee. + + 2. You may modify your copy or copies of the Library or any portion +of it, thus forming a work based on the Library, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) The modified work must itself be a software library. + + b) You must cause the files modified to carry prominent notices + stating that you changed the files and the date of any change. + + c) You must cause the whole of the work to be licensed at no + charge to all third parties under the terms of this License. + + d) If a facility in the modified Library refers to a function or a + table of data to be supplied by an application program that uses + the facility, other than as an argument passed when the facility + is invoked, then you must make a good faith effort to ensure that, + in the event an application does not supply such function or + table, the facility still operates, and performs whatever part of + its purpose remains meaningful. 
+ + (For example, a function in a library to compute square roots has + a purpose that is entirely well-defined independent of the + application. Therefore, Subsection 2d requires that any + application-supplied function or table used by this function must + be optional: if the application does not supply it, the square + root function must still compute square roots.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Library, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Library, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote +it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Library. + +In addition, mere aggregation of another work not based on the Library +with the Library (or with a work based on the Library) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may opt to apply the terms of the ordinary GNU General Public +License instead of this License to a given copy of the Library. To do +this, you must alter all the notices that refer to this License, so +that they refer to the ordinary GNU General Public License, version 2, +instead of to this License. (If a newer version than version 2 of the +ordinary GNU General Public License has appeared, then you can specify +that version instead if you wish.) Do not make any other change in +these notices. 
+ + Once this change is made in a given copy, it is irreversible for +that copy, so the ordinary GNU General Public License applies to all +subsequent copies and derivative works made from that copy. + + This option is useful when you wish to copy part of the code of +the Library into a program that is not a library. + + 4. You may copy and distribute the Library (or a portion or +derivative of it, under Section 2) in object code or executable form +under the terms of Sections 1 and 2 above provided that you accompany +it with the complete corresponding machine-readable source code, which +must be distributed under the terms of Sections 1 and 2 above on a +medium customarily used for software interchange. + + If distribution of object code is made by offering access to copy +from a designated place, then offering equivalent access to copy the +source code from the same place satisfies the requirement to +distribute the source code, even though third parties are not +compelled to copy the source along with the object code. + + 5. A program that contains no derivative of any portion of the +Library, but is designed to work with the Library by being compiled or +linked with it, is called a "work that uses the Library". Such a +work, in isolation, is not a derivative work of the Library, and +therefore falls outside the scope of this License. + + However, linking a "work that uses the Library" with the Library +creates an executable that is a derivative of the Library (because it +contains portions of the Library), rather than a "work that uses the +library". The executable is therefore covered by this License. +Section 6 states terms for distribution of such executables. + + When a "work that uses the Library" uses material from a header file +that is part of the Library, the object code for the work may be a +derivative work of the Library even though the source code is not. 
+Whether this is true is especially significant if the work can be +linked without the Library, or if the work is itself a library. The +threshold for this to be true is not precisely defined by law. + + If such an object file uses only numerical parameters, data +structure layouts and accessors, and small macros and small inline +functions (ten lines or less in length), then the use of the object +file is unrestricted, regardless of whether it is legally a derivative +work. (Executables containing this object code plus portions of the +Library will still fall under Section 6.) + + Otherwise, if the work is a derivative of the Library, you may +distribute the object code for the work under the terms of Section 6. +Any executables containing that work also fall under Section 6, +whether or not they are linked directly with the Library itself. + + 6. As an exception to the Sections above, you may also combine or +link a "work that uses the Library" with the Library to produce a +work containing portions of the Library, and distribute that work +under terms of your choice, provided that the terms permit +modification of the work for the customer's own use and reverse +engineering for debugging such modifications. + + You must give prominent notice with each copy of the work that the +Library is used in it and that the Library and its use are covered by +this License. You must supply a copy of this License. If the work +during execution displays copyright notices, you must include the +copyright notice for the Library among them, as well as a reference +directing the user to the copy of this License. 
Also, you must do one +of these things: + + a) Accompany the work with the complete corresponding + machine-readable source code for the Library including whatever + changes were used in the work (which must be distributed under + Sections 1 and 2 above); and, if the work is an executable linked + with the Library, with the complete machine-readable "work that + uses the Library", as object code and/or source code, so that the + user can modify the Library and then relink to produce a modified + executable containing the modified Library. (It is understood + that the user who changes the contents of definitions files in the + Library will not necessarily be able to recompile the application + to use the modified definitions.) + + b) Use a suitable shared library mechanism for linking with the + Library. A suitable mechanism is one that (1) uses at run time a + copy of the library already present on the user's computer system, + rather than copying library functions into the executable, and (2) + will operate properly with a modified version of the library, if + the user installs one, as long as the modified version is + interface-compatible with the version that the work was made with. + + c) Accompany the work with a written offer, valid for at + least three years, to give the same user the materials + specified in Subsection 6a, above, for a charge no more + than the cost of performing this distribution. + + d) If distribution of the work is made by offering access to copy + from a designated place, offer equivalent access to copy the above + specified materials from the same place. + + e) Verify that the user has already received a copy of these + materials or that you have already sent this user a copy. + + For an executable, the required form of the "work that uses the +Library" must include any data and utility programs needed for +reproducing the executable from it. 
However, as a special exception, +the materials to be distributed need not include anything that is +normally distributed (in either source or binary form) with the major +components (compiler, kernel, and so on) of the operating system on +which the executable runs, unless that component itself accompanies +the executable. + + It may happen that this requirement contradicts the license +restrictions of other proprietary libraries that do not normally +accompany the operating system. Such a contradiction means you cannot +use both them and the Library together in an executable that you +distribute. + + 7. You may place library facilities that are a work based on the +Library side-by-side in a single library together with other library +facilities not covered by this License, and distribute such a combined +library, provided that the separate distribution of the work based on +the Library and of the other library facilities is otherwise +permitted, and provided that you do these two things: + + a) Accompany the combined library with a copy of the same work + based on the Library, uncombined with any other library + facilities. This must be distributed under the terms of the + Sections above. + + b) Give prominent notice with the combined library of the fact + that part of it is a work based on the Library, and explaining + where to find the accompanying uncombined form of the same work. + + 8. You may not copy, modify, sublicense, link with, or distribute +the Library except as expressly provided under this License. Any +attempt otherwise to copy, modify, sublicense, link with, or +distribute the Library is void, and will automatically terminate your +rights under this License. However, parties who have received copies, +or rights, from you under this License will not have their licenses +terminated so long as such parties remain in full compliance. + + 9. You are not required to accept this License, since you have not +signed it. 
However, nothing else grants you permission to modify or +distribute the Library or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Library (or any work based on the +Library), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Library or works based on it. + + 10. Each time you redistribute the Library (or any work based on the +Library), the recipient automatically receives a license from the +original licensor to copy, distribute, link with or modify the Library +subject to these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties with +this License. + + 11. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Library at all. For example, if a patent +license would not permit royalty-free redistribution of the Library by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Library. + +If any portion of this section is held invalid or unenforceable under any +particular circumstance, the balance of the section is intended to apply, +and the section as a whole is intended to apply in other circumstances. 
+ +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 12. If the distribution and/or use of the Library is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Library under this License may add +an explicit geographical distribution limitation excluding those countries, +so that distribution is permitted only in or among countries not thus +excluded. In such case, this License incorporates the limitation as if +written in the body of this License. + + 13. The Free Software Foundation may publish revised and/or new +versions of the Lesser General Public License from time to time. +Such new versions will be similar in spirit to the present version, +but may differ in detail to address new problems or concerns. + +Each version is given a distinguishing version number. If the Library +specifies a version number of this License which applies to it and +"any later version", you have the option of following the terms and +conditions either of that version or of any later version published by +the Free Software Foundation. If the Library does not specify a +license version number, you may choose any version ever published by +the Free Software Foundation. + + 14. 
If you wish to incorporate parts of the Library into other free +programs whose distribution conditions are incompatible with these, +write to the author to ask for permission. For software which is +copyrighted by the Free Software Foundation, write to the Free +Software Foundation; we sometimes make exceptions for this. Our +decision will be guided by the two goals of preserving the free status +of all derivatives of our free software and of promoting the sharing +and reuse of software generally. + + NO WARRANTY + + 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO +WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. +EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR +OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY +KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE +LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME +THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY +AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU +FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR +CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE +LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING +RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A +FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF +SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH +DAMAGES. 
+ + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Libraries + + If you develop a new library, and you want it to be of the greatest +possible use to the public, we recommend making it free software that +everyone can redistribute and change. You can do so by permitting +redistribution under these terms (or, alternatively, under the terms of the +ordinary General Public License). + + To apply these terms, attach the following notices to the library. It is +safest to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least the +"copyright" line and a pointer to where the full notice is found. + + <one line to give the library's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + +Also add information on how to contact you by electronic and paper mail. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the library, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the + library `Frob' (a library for tweaking knobs) written by James Random Hacker. 
+
+ <signature of Ty Coon>, 1 April 1990
+ Ty Coon, President of Vice
+
+That's all there is to it!
+
diff --git a/libs/minidns/LICENCE_WTFPL b/libs/minidns/LICENCE_WTFPL
new file mode 100644
index 00000000..652d3783
--- /dev/null
+++ b/libs/minidns/LICENCE_WTFPL
@@ -0,0 +1,13 @@
+ DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+ Version 2, December 2004
+
+ Copyright (C) 2014 Rene Treffer <treffer+wtfpl@measite.de>
+
+ Everyone is permitted to copy and distribute verbatim or modified
+ copies of this license document, and changing it is allowed as long
+ as the name is changed.
+
+ DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. You just DO WHAT THE FUCK YOU WANT TO.
diff --git a/libs/minidns/README.md b/libs/minidns/README.md
new file mode 100644
index 00000000..3c1417a1
--- /dev/null
+++ b/libs/minidns/README.md
@@ -0,0 +1,8 @@
+MiniDNS
+-------
+
+MiniDNS is a minimal dns client library for android. It can parse a basic set
+of resource records (A, AAAA, NS, SRV) and is easy to use and extend.
+
+This library is not intended to be used as a DNS server. You might want to
+look into dnsjava for such functionality.
diff --git a/libs/minidns/build.gradle b/libs/minidns/build.gradle
new file mode 100644
index 00000000..5941beaf
--- /dev/null
+++ b/libs/minidns/build.gradle
@@ -0,0 +1,77 @@
+apply plugin: 'java'
+apply plugin: 'eclipse'
+apply plugin: 'osgi'
+apply plugin: 'nexus'
+
+buildscript {
+ repositories {
+ jcenter()
+ mavenLocal()
+ mavenCentral()
+ }
+
+ dependencies {
+ classpath 'org.gradle.api.plugins:gradle-nexus-plugin:0.7.1'
+ }
+}
+
+group = 'de.measite.minidns'
+description = "A minimal DNS client library with support for A, AAAA, NS and SRV records"
+sourceCompatibility = 1.7
+version = 'git tag --points-at HEAD'.execute().text.trim()
+isSNAPSHOT = 'git rev-parse --abbrev-ref HEAD'.execute().text.trim() == 'master'
+
+if (isSNAPSHOT) {
+ version = version + '-SNAPSHOT'
+}
+
+repositories {
+ mavenLocal()
+ mavenCentral()
+}
+
+nexus {
+ attachSources = true
+ attachTests = false
+ attachJavadoc = true
+ sign = true
+}
+
+modifyPom {
+ project {
+ name 'minidns'
+ description 'Minimal DNS library for java and android systems'
+ url 'https://github.com/rtreffer/minidns'
+ inceptionYear '2014'
+
+ scm {
+ url 'https://github.com/rtreffer/minidns'
+ connection 'scm:https://github.com/rtreffer/minidns'
+ developerConnection 'scm:git://github.com/rtreffer/minidns.git'
+ }
+
+ licenses {
+ license {
+ name 'The Apache Software License, Version 2.0'
+ url 'http://www.apache.org/licenses/LICENSE-2.0.txt'
+ distribution 'repo'
+ }
+ }
+
+ developers {
+ developer {
+ id 'rtreffer'
+ name 'Rene Treffer'
+ email 'treffer@measite.de'
+ }
+ developer {
+ id 'flow'
+ name 'Florian Schmaus'
+ email 'flow@geekplace.eu'
+ }
+ }
+ }
+}
+
+dependencies {
+}
\ No newline at end of file
diff --git a/libs/minidns/gradle.properties.example b/libs/minidns/gradle.properties.example
new file mode 100644
index 00000000..68ffc418
--- /dev/null
+++ b/libs/minidns/gradle.properties.example
@@ -0,0 +1,21 @@
+# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
+#
+# GPG settings
+#
+
+# gpg key id
+#signing.keyId=DEADBEEF
+# the gpg key passphrase
+#signing.password=correcthorsebatterystaple
+# gpg keyring (this is the default gnupg keyring containing private keys)
+#signing.secretKeyRingFile=/home/ubuntu/.gnupg/secring.gpg
+
+# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
+#
+# nexus settings
+#
+
+# the nexus username used for log in
+#nexusUsername=ubuntu
+# the nexus password
+#nexusPassword=correcthorsebatterystaple
diff --git a/libs/minidns/src/main/java/de/measite/minidns/Client.java b/libs/minidns/src/main/java/de/measite/minidns/Client.java
new file mode 100644
index 00000000..827aa772
--- /dev/null
+++ b/libs/minidns/src/main/java/de/measite/minidns/Client.java
@@ -0,0 +1,323 @@
+package de.measite.minidns;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.LineNumberReader;
+import java.lang.reflect.Method;
+import java.net.DatagramPacket;
+import java.net.DatagramSocket;
+import java.net.InetAddress;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Random;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import de.measite.minidns.Record.CLASS;
+import de.measite.minidns.Record.TYPE;
+
+/**
+ * A minimal DNS client for SRV/A/AAAA/NS and CNAME lookups, with IDN support.
+ * This circumvents the missing javax.naming package on android.
+ */
+public class Client {
+
+ private static final Logger LOGGER = Logger.getLogger(Client.class.getName());
+
+ /**
+ * The internal random class for sequence generation.
+ */
+ protected Random random;
+
+ /**
+ * The buffer size for dns replies.
+ */
+ protected int bufferSize = 1500;
+
+ /**
+ * DNS timeout.
+ */
+ protected int timeout = 5000;
+
+ /**
+ * The internal DNS cache.
+ */
+ protected DNSCache cache;
+
+ /**
+ * Create a new DNS client with the given DNS cache.
+ * @param cache The backend DNS cache.
+ */
+ public Client(DNSCache cache) {
+ try {
+ random = SecureRandom.getInstance("SHA1PRNG");
+ } catch (NoSuchAlgorithmException e1) {
+ random = new SecureRandom();
+ }
+ this.cache = cache;
+ }
+
+ /**
+ * Create a new DNS client.
+ */
+ public Client() {
+ this(null);
+ }
+
+ /**
+ * Query a nameserver for a single entry.
+ * @param name The DNS name to request.
+ * @param type The DNS type to request (SRV, A, AAAA, ...).
+ * @param clazz The class of the request (usually IN for Internet).
+ * @param host The DNS server host.
+ * @param port The DNS server port.
+ * @return The response (or null on timeout / failure).
+ * @throws IOException On IO Errors.
+ */
+ public DNSMessage query(String name, TYPE type, CLASS clazz, String host, int port)
+ throws IOException
+ {
+ Question q = new Question(name, type, clazz);
+ return query(q, host, port);
+ }
+
+ /**
+ * Query a nameserver for a single entry.
+ * @param name The DNS name to request.
+ * @param type The DNS type to request (SRV, A, AAAA, ...).
+ * @param clazz The class of the request (usually IN for Internet).
+ * @param host The DNS server host.
+ * @return The response (or null on timeout / failure).
+ * @throws IOException On IO Errors.
+ */
+ public DNSMessage query(String name, TYPE type, CLASS clazz, String host)
+ throws IOException
+ {
+ Question q = new Question(name, type, clazz);
+ return query(q, host);
+ }
+
+ /**
+ * Query the system nameserver for a single entry.
+ * @param name The DNS name to request.
+ * @param type The DNS type to request (SRV, A, AAAA, ...).
+ * @param clazz The class of the request (usually IN for Internet).
+ * @return The response (or null on timeout/error).
+ * @return The DNSMessage reply or null.
+ */
+ public DNSMessage query(String name, TYPE type, CLASS clazz)
+ {
+ Question q = new Question(name, type, clazz);
+ return query(q);
+ }
+
+ /**
+ * Query a specific server for one entry.
+ * @param q The question section of the DNS query.
+ * @param host The dns server host.
+ * @return The response (or null on timeout/error).
+ * @throws IOException On IOErrors.
+ */
+ public DNSMessage query(Question q, String host) throws IOException {
+ return query(q, host, 53);
+ }
+
+ /**
+ * Query a specific server for one entry.
+ * @param q The question section of the DNS query.
+ * @param host The dns server host.
+ * @param port the dns port.
+ * @return The response (or null on timeout/error).
+ * @throws IOException On IOErrors.
+ */
+ public DNSMessage query(Question q, String host, int port) throws IOException {
+ DNSMessage dnsMessage = (cache == null) ?
null : cache.get(q);
+ if (dnsMessage != null) {
+ return dnsMessage;
+ }
+ DNSMessage message = new DNSMessage();
+ message.setQuestions(new Question[]{q});
+ message.setRecursionDesired(true);
+ message.setId(random.nextInt());
+ byte[] buf = message.toArray();
+ try (DatagramSocket socket = new DatagramSocket()) {
+ DatagramPacket packet = new DatagramPacket(buf, buf.length,
+ InetAddress.getByName(host), port);
+ socket.setSoTimeout(timeout);
+ socket.send(packet);
+ packet = new DatagramPacket(new byte[bufferSize], bufferSize);
+ socket.receive(packet);
+ dnsMessage = DNSMessage.parse(packet.getData());
+ if (dnsMessage.getId() != message.getId()) {
+ return null;
+ }
+ for (Record record : dnsMessage.getAnswers()) {
+ if (record.isAnswer(q)) {
+ if (cache != null) {
+ cache.put(q, dnsMessage);
+ }
+ break;
+ }
+ }
+ return dnsMessage;
+ }
+ }
+
+ /**
+ * Query the system DNS server for one entry.
+ * @param q The question section of the DNS query.
+ * @return The response (or null on timeout/error).
+ */
+ public DNSMessage query(Question q) {
+ // While this query method does in fact re-use query(Question, String)
+ // we still do a cache lookup here in order to avoid unnecessary
+ // findDNS()calls, which are expensive on Android. Note that we do not
+ // put the results back into the Cache, as this is already done by
+ // query(Question, String).
+ DNSMessage message = cache.get(q);
+ if (message != null) {
+ return message;
+ }
+ String dnsServer[] = findDNS();
+ for (String dns : dnsServer) {
+ try {
+ message = query(q, dns);
+ if (message == null) {
+ continue;
+ }
+ if (message.getResponseCode() !=
+ DNSMessage.RESPONSE_CODE.NO_ERROR) {
+ continue;
+ }
+ for (Record record: message.getAnswers()) {
+ if (record.isAnswer(q)) {
+ return message;
+ }
+ }
+ } catch (IOException ioe) {
+ LOGGER.log(Level.FINE, "IOException in query", ioe);
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Retrieve a list of currently configured DNS servers.
+ * @return The server array.
+ */
+ public String[] findDNS() {
+ String[] result = findDNSByReflection();
+ if (result != null) {
+ LOGGER.fine("Got DNS servers via reflection: " + Arrays.toString(result));
+ return result;
+ }
+
+ result = findDNSByExec();
+ if (result != null) {
+ LOGGER.fine("Got DNS servers via exec: " + Arrays.toString(result));
+ return result;
+ }
+
+ // fallback for ipv4 and ipv6 connectivity
+ // see https://developers.google.com/speed/public-dns/docs/using
+ LOGGER.fine("No DNS found? Using fallback [8.8.8.8, [2001:4860:4860::8888]]");
+
+ return new String[]{"8.8.8.8", "[2001:4860:4860::8888]"};
+ }
+
+ /**
+ * Try to retrieve the list of dns server by executing getprop.
+ * @return Array of servers, or null on failure.
+ */
+ protected String[] findDNSByExec() {
+ try {
+ Process process = Runtime.getRuntime().exec("getprop");
+ InputStream inputStream = process.getInputStream();
+ LineNumberReader lnr = new LineNumberReader(
+ new InputStreamReader(inputStream));
+ String line = null;
+ HashSet<String> server = new HashSet<String>(6);
+ while ((line = lnr.readLine()) != null) {
+ int split = line.indexOf("]: [");
+ if (split == -1) {
+ continue;
+ }
+ String property = line.substring(1, split);
+ String value = line.substring(split + 4, line.length() - 1);
+ if (property.endsWith(".dns") || property.endsWith(".dns1") ||
+ property.endsWith(".dns2") || property.endsWith(".dns3") ||
+ property.endsWith(".dns4")) {
+
+ // normalize the address
+
+ InetAddress ip = InetAddress.getByName(value);
+
+ if (ip == null) continue;
+
+ value = ip.getHostAddress();
+
+ if (value == null) continue;
+ if (value.length() == 0) continue;
+
+ server.add(value);
+ }
+ }
+ if (server.size() > 0) {
+ return server.toArray(new String[server.size()]);
+ }
+ } catch (IOException e) {
+ LOGGER.log(Level.WARNING, "Exception in findDNSByExec", e);
+ }
+ return null;
+ }
+
+ /**
+ * Try to retrieve the list of dns server by calling SystemProperties.
+ * @return Array of servers, or null on failure.
+ */
+ protected String[] findDNSByReflection() {
+ try {
+ Class<?> SystemProperties =
+ Class.forName("android.os.SystemProperties");
+ Method method = SystemProperties.getMethod("get",
+ new Class[] { String.class });
+
+ ArrayList<String> servers = new ArrayList<String>(5);
+
+ for (String propKey : new String[] {
+ "net.dns1", "net.dns2", "net.dns3", "net.dns4"}) {
+
+ String value = (String)method.invoke(null, propKey);
+
+ if (value == null) continue;
+ if (value.length() == 0) continue;
+ if (servers.contains(value)) continue;
+
+ InetAddress ip = InetAddress.getByName(value);
+
+ if (ip == null) continue;
+
+ value = ip.getHostAddress();
+
+ if (value == null) continue;
+ if (value.length() == 0) continue;
+ if (servers.contains(value)) continue;
+
+ servers.add(value);
+ }
+
+ if (servers.size() > 0) {
+ return servers.toArray(new String[servers.size()]);
+ }
+ } catch (Exception e) {
+ // we might trigger some problems this way
+ LOGGER.log(Level.WARNING, "Exception in findDNSByReflection", e);
+ }
+ return null;
+ }
+
+}
diff --git a/libs/minidns/src/main/java/de/measite/minidns/DNSCache.java b/libs/minidns/src/main/java/de/measite/minidns/DNSCache.java
new file mode 100644
index 00000000..14a3a776
--- /dev/null
+++ b/libs/minidns/src/main/java/de/measite/minidns/DNSCache.java
@@ -0,0 +1,23 @@
+package de.measite.minidns;
+
+/**
+ * Cache for DNS Entries. Implementations must be thread safe.
+ */
+public interface DNSCache {
+
+ /**
+ * Add an an dns answer/response for a given dns question. Implementations
+ * should honor the ttl / receive timestamp.
+ * @param q The question.
+ * @param message The dns message.
+ */
+ void put(Question q, DNSMessage message);
+
+ /**
+ * Request a cached dns response.
+ * @param q The dns question.
+ * @return The dns message.
+ */
+ DNSMessage get(Question q);
+
+}
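Review bot: In `query(Question, String, int)` of Client.java a reply is accepted on a matching id alone: the `DatagramSocket` is never connected to the server, so a datagram from any sender that reaches the local port is parsed and, when it carries a record answering `q`, stored by `cache.put`. Adding `socket.connect(InetAddress.getByName(host), port);` before `socket.send(packet)` lets the socket drop datagrams from other peers, and the reply's question section should be compared with `q` before it is cached. `DNSMessage.parse(packet.getData())` is also handed the whole `bufferSize` array rather than the `packet.getLength()` bytes actually received. Separately, `query(Question)` calls `cache.get(q)` without the null check the three-argument overload uses, so a client built with `Client()` throws a NullPointerException there; `DNSMessage message = (cache == null) ? null : cache.get(q);` matches the other method.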
diff --git a/libs/minidns/src/main/java/de/measite/minidns/DNSMessage.java b/libs/minidns/src/main/java/de/measite/minidns/DNSMessage.java
new file mode 100644
index 00000000..ab2535ce
--- /dev/null
+++ b/libs/minidns/src/main/java/de/measite/minidns/DNSMessage.java
@@ -0,0 +1,524 @@
+package de.measite.minidns;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.DataInputStream;
+import java.io.DataOutputStream;
+import java.io.IOException;
+import java.util.Arrays;
+
+/**
+ * A DNS message as defined by rfc1035. The message consists of a header and
+ * 4 sections: question, answer, nameserver and addition resource record
+ * section.
+ * A message can either be parsed ({@link DNSMessage#parse(byte[])}) or serialized
+ * ({@link DNSMessage#toArray()}).
+ */
+public class DNSMessage {
+
+ /**
+ * Possible DNS reply codes.
+ */
+ public static enum RESPONSE_CODE {
+ NO_ERROR(0), FORMAT_ERR(1), SERVER_FAIL(2), NX_DOMAIN(3),
+ NO_IMP(4), REFUSED(5), YXDOMAIN(6), YXRRSET(7),
+ NXRRSET(8), NOT_AUTH(9),NOT_ZONE(10);
+
+ /**
+ * Reverse lookup table for response codes.
+ */
+ private final static RESPONSE_CODE INVERSE_LUT[] = new RESPONSE_CODE[]{
+ NO_ERROR, FORMAT_ERR, SERVER_FAIL, NX_DOMAIN, NO_IMP,
+ REFUSED, YXDOMAIN, YXRRSET, NXRRSET, NOT_AUTH, NOT_ZONE,
+ null, null, null, null, null
+ };
+
+ /**
+ * The response code value.
+ */
+ private final byte value;
+
+ /**
+ * Create a new response code.
+ * @param value The response code value.
+ */
+ private RESPONSE_CODE(int value) {
+ this.value = (byte)value;
+ }
+
+ /**
+ * Retrieve the byte value of the response code.
+ * @return the response code.
+ */
+ public byte getValue() {
+ return (byte) value;
+ }
+
+ /**
+ * Retrieve the response code for a byte value.
+ * @param value The byte value.
+ * @return The symbolic response code or null.
+ * @throws IllegalArgumentException if the value is not in the range of
+ * 0..15.
+ */
+ public static RESPONSE_CODE getResponseCode(int value) {
+ if (value < 0 || value > 15) {
+ throw new IllegalArgumentException();
+ }
+ return INVERSE_LUT[value];
+ }
+
+ };
+
+ /**
+ * Symbolic DNS Opcode values.
+ */
+ public static enum OPCODE {
+ QUERY(0),
+ INVERSE_QUERY(1),
+ STATUS(2),
+ NOTIFY(4),
+ UPDATE(5);
+
+ /**
+ * Lookup table for for obcode reolution.
+ */
+ private final static OPCODE INVERSE_LUT[] = new OPCODE[]{
+ QUERY, INVERSE_QUERY, STATUS, null, NOTIFY, UPDATE, null,
+ null, null, null, null, null, null, null, null
+ };
+
+ /**
+ * The value of this opcode.
+ */
+ private final byte value;
+
+ /**
+ * Create a new opcode for a given byte value.
+ * @param value The byte value of the opcode.
+ */
+ private OPCODE(int value) {
+ this.value = (byte)value;
+ }
+
+ /**
+ * Retrieve the byte value of this opcode.
+ * @return The byte value of this opcode.
+ */
+ public byte getValue() {
+ return value;
+ }
+
+ /**
+ * Retrieve the symbolic name of an opcode byte.
+ * @param value The byte value of the opcode.
+ * @return The symbolic opcode or null.
+ * @throws IllegalArgumentException If the byte value is not in the
+ * range 0..15.
+ */
+ public static OPCODE getOpcode(int value) {
+ if (value < 0 || value > 15) {
+ throw new IllegalArgumentException();
+ }
+ return INVERSE_LUT[value];
+ }
+
+ };
+
+ /**
+ * The DNS message id.
+ */
+ protected int id;
+
+ /**
+ * The DNS message opcode.
+ */
+ protected OPCODE opcode;
+
+ /**
+ * The response code of this dns message.
+ */
+ protected RESPONSE_CODE responseCode;
+
+ /**
+ * True if this is a query.
+ */
+ protected boolean query;
+
+ /**
+ * True if this is a authorative response.
+ */
+ protected boolean authoritativeAnswer;
+
+ /**
+ * True on truncate, tcp should be used.
+ */
+ protected boolean truncated;
+
+ /**
+ * True if the server should recurse.
+ */
+ protected boolean recursionDesired;
+
+ /**
+ * True if recursion is possible.
+ */
+ protected boolean recursionAvailable;
+
+ /**
+ * True if the server regarded the response as authentic.
+ */
+ protected boolean authenticData;
+
+ /**
+ * True if the server should not check the replies.
+ */
+ protected boolean checkDisabled;
+
+ /**
+ * The question section content.
+ */
+ protected Question questions[];
+
+ /**
+ * The answers section content.
+ */
+ protected Record answers[];
+
+ /**
+ * The nameserver records.
+ */
+ protected Record nameserverRecords[];
+
+ /**
+ * Additional resousrce records.
+ */
+ protected Record additionalResourceRecords[];
+
+ /**
+ * The receive timestamp of this message.
+ */
+ protected long receiveTimestamp;
+
+ /**
+ * Retrieve the current DNS message id.
+ * @return The current DNS message id.
+ */
+ public int getId() {
+ return id;
+ }
+
+ /**
+ * Set the current DNS message id.
+ * @param id The new DNS message id.
+ */
+ public void setId(int id) {
+ this.id = id & 0xffff;
+ }
+
+ /**
+ * Get the receive timestamp if this message was created via parse.
+ * This should be used to evaluate TTLs.
+ * @return The receive timestamp in milliseconds.
+ */
+ public long getReceiveTimestamp() {
+ return receiveTimestamp;
+ }
+
+ /**
+ * Retrieve the query type (true or false;
+ * @return True if this DNS message is a query.
+ */
+ public boolean isQuery() {
+ return query;
+ }
+
+ /**
+ * Set the query status of this message.
+ * @param query The new query status.
+ */
+ public void setQuery(boolean query) {
+ this.query = query;
+ }
+
+ /**
+ * True if the DNS message is an authoritative answer.
+ * @return True if this an authoritative DNS message.
+ */
+ public boolean isAuthoritativeAnswer() {
+ return authoritativeAnswer;
+ }
+
+ /**
+ * Set the authoritative answer flag.
+ * @param authoritativeAnswer Tge new authoritative answer value.
+ */
+ public void setAuthoritativeAnswer(boolean authoritativeAnswer) {
+ this.authoritativeAnswer = authoritativeAnswer;
+ }
+
+ /**
+ * Retrieve the truncation status of this message. True means that the
+ * client should try a tcp lookup.
+ * @return True if this message was truncated.
+ */
+ public boolean isTruncated() {
+ return truncated;
+ }
+
+ /**
+ * Set the truncation bit on this DNS message.
+ * @param truncated The new truncated bit status.
+ */
+ public void setTruncated(boolean truncated) {
+ this.truncated = truncated;
+ }
+
+ /**
+ * Check if this message preferes recursion.
+ * @return True if recursion is desired.
+ */
+ public boolean isRecursionDesired() {
+ return recursionDesired;
+ }
+
+ /**
+ * Set the recursion desired flag on this message.
+ * @param recursionDesired The new recusrion setting.
+ */
+ public void setRecursionDesired(boolean recursionDesired) {
+ this.recursionDesired = recursionDesired;
+ }
+
+ /**
+ * Retrieve the recursion available flag of this DNS message.
+ * @return The recursion available flag of this message.
+ */
+ public boolean isRecursionAvailable() {
+ return recursionAvailable;
+ }
+
+ /**
+ * Set the recursion available flog from this DNS message.
+ * @param recursionAvailable The new recursion available status.
+ */
+ public void setRecursionAvailable(boolean recursionAvailable) {
+ this.recursionAvailable = recursionAvailable;
+ }
+
+ /**
+ * Retrieve the authentic data flag of this message.
+ * @return The authentic data flag.
+ */
+ public boolean isAuthenticData() {
+ return authenticData;
+ }
+
+ /**
+ * Set the authentic data flag on this DNS message.
+ * @param authenticData The new authentic data flag value.
+ */
+ public void setAuthenticData(boolean authenticData) {
+ this.authenticData = authenticData;
+ }
+
+ /**
+ * Check if checks are disabled.
+ * @return The status of the CheckDisabled flag.
+ */
+ public boolean isCheckDisabled() {
+ return checkDisabled;
+ }
+
+ /**
+ * Change the check status of this packet.
+ * @param checkDisabled The new check disabled value.
+ */
+ public void setCheckDisabled(boolean checkDisabled) {
+ this.checkDisabled = checkDisabled;
+ }
+
+ /**
+ * Generate a binary dns packet out of this message.
+ * @return byte[] the binary representation.
+ * @throws IOException Should never happen. + */ + public byte[] toArray() throws IOException { + ByteArrayOutputStream baos = new ByteArrayOutputStream(512); + DataOutputStream dos = new DataOutputStream(baos); + int header = 0; + if (query) { + header += 1 << 15; + } + if (opcode != null) { + header += opcode.getValue() << 11; + } + if (authoritativeAnswer) { + header += 1 << 10; + } + if (truncated) { + header += 1 << 9; + } + if (recursionDesired) { + header += 1 << 8; + } + if (recursionAvailable) { + header += 1 << 7; + } + if (authenticData) { + header += 1 << 5; + } + if (checkDisabled) { + header += 1 << 4; + } + if (responseCode != null) { + header += responseCode.getValue(); + } + dos.writeShort((short)id); + dos.writeShort((short)header); + if (questions == null) { + dos.writeShort(0); + } else { + dos.writeShort((short)questions.length); + } + if (answers == null) { + dos.writeShort(0); + } else { + dos.writeShort((short)answers.length); + } + if (nameserverRecords == null) { + dos.writeShort(0); + } else { + dos.writeShort((short)nameserverRecords.length); + } + if (additionalResourceRecords == null) { + dos.writeShort(0); + } else { + dos.writeShort((short)additionalResourceRecords.length); + } + for (Question question: questions) { + dos.write(question.toByteArray()); + } + dos.flush(); + return baos.toByteArray(); + } + + /** + * Build a DNS Message based on a binary DNS message. + * @param data The DNS message data. + * @return Parsed DNSMessage message. + * @throws IOException On read errors. 
+ */ + public static DNSMessage parse(byte data[]) throws IOException { + ByteArrayInputStream bis = new ByteArrayInputStream(data); + DataInputStream dis = new DataInputStream(bis); + DNSMessage message = new DNSMessage(); + message.id = dis.readUnsignedShort(); + int header = dis.readUnsignedShort(); + message.query = ((header >> 15) & 1) == 0; + message.opcode = OPCODE.getOpcode((header >> 11) & 0xf); + message.authoritativeAnswer = ((header >> 10) & 1) == 1; + message.truncated = ((header >> 9) & 1) == 1; + message.recursionDesired = ((header >> 8) & 1) == 1; + message.recursionAvailable = ((header >> 7) & 1) == 1; + message.authenticData = ((header >> 5) & 1) == 1; + message.checkDisabled = ((header >> 4) & 1) == 1; + message.responseCode = RESPONSE_CODE.getResponseCode(header & 0xf); + message.receiveTimestamp = System.currentTimeMillis(); + int questionCount = dis.readUnsignedShort(); + int answerCount = dis.readUnsignedShort(); + int nameserverCount = dis.readUnsignedShort(); + int additionalResourceRecordCount = dis.readUnsignedShort(); + message.questions = new Question[questionCount]; + while (questionCount-- > 0) { + Question q = Question.parse(dis, data); + message.questions[questionCount] = q; + } + message.answers = new Record[answerCount]; + while (answerCount-- > 0) { + Record rr = new Record(); + rr.parse(dis, data); + message.answers[answerCount] = rr; + } + message.nameserverRecords = new Record[nameserverCount]; + while (nameserverCount-- > 0) { + Record rr = new Record(); + rr.parse(dis, data); + message.nameserverRecords[nameserverCount] = rr; + } + message.additionalResourceRecords = + new Record[additionalResourceRecordCount]; + while (additionalResourceRecordCount-- > 0) { + Record rr = new Record(); + rr.parse(dis, data); + message.additionalResourceRecords[additionalResourceRecordCount] = + rr; + } + return message; + } + + /** + * Set the question part of this message. + * @param questions The questions. 
+ */ + public void setQuestions(Question ... questions) { + this.questions = questions; + } + + /** + * Retrieve the opcode of this message. + * @return The opcode of this message. + */ + public OPCODE getOpcode() { + return opcode; + } + + /** + * Retrieve the response code of this message. + * @return The response code. + */ + public RESPONSE_CODE getResponseCode() { + return responseCode; + } + + /** + * Retrieve the question section of this message. + * @return The DNS question section. + */ + public Question[] getQuestions() { + return questions; + } + + /** + * Retrieve the answer records of this DNS message. + * @return The answer section of this DNS message. + */ + public Record[] getAnswers() { + return answers; + } + + /** + * Retrieve the nameserver records of this DNS message. + * @return The nameserver section of this DNS message. + */ + public Record[] getNameserverRecords() { + return nameserverRecords; + } + + /** + * Retrieve the additional resource records attached to this DNS message. + * @return The additional resource record section of this DNS message. + */ + public Record[] getAdditionalResourceRecords() { + return additionalResourceRecords; + } + + public String toString() { + return "-- DNSMessage " + id + " --\n" + + "Q" + Arrays.toString(questions) + + "NS" + Arrays.toString(nameserverRecords) + + "A" + Arrays.toString(answers) + + "ARR" + Arrays.toString(additionalResourceRecords); + } + +} diff --git a/libs/minidns/src/main/java/de/measite/minidns/LRUCache.java b/libs/minidns/src/main/java/de/measite/minidns/LRUCache.java new file mode 100644 index 00000000..6b9bbdc1 --- /dev/null +++ b/libs/minidns/src/main/java/de/measite/minidns/LRUCache.java 
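Review bot: `OPCODE.getOpcode` accepts 0..15 but `OPCODE.INVERSE_LUT` holds only 15 entries, so a received header with opcode 15 makes `parse` throw ArrayIndexOutOfBoundsException on network-supplied data rather than returning null or an IOException; the table needs a sixteenth `null`, as the `RESPONSE_CODE` table already has. `parse` also sets `query` when the QR bit is 0, while `toArray` sets that bit when `query` is true, so a message does not survive a serialize/parse round trip with the same flag; if `parse` is the intended meaning, `toArray` would need `if (!query) { header += 1 << 15; }`, though callers outside this hunk may depend on the current encoding. Finally, `toArray` null-checks `questions` for the count and then iterates it unguarded in `for (Question question: questions)`, which throws NullPointerException for a message without questions.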
@@ -0,0 +1,139 @@ +package de.measite.minidns; + +import java.util.LinkedHashMap; +import java.util.Map.Entry; + +/** + * LRU based DNSCache backed by a LinkedHashMap. + */ +public class LRUCache implements DNSCache { + + /** + * Internal miss count. + */ + protected long missCount = 0l; + + /** + * Internal expire count (subset of misses that was caused by expire). + */ + protected long expireCount = 0l; + + /** + * Internal hit count. + */ + protected long hitCount = 0l; + + /** + * The internal capacity of the backend cache. + */ + protected int capacity; + + /** + * The upper bound of the ttl. All longer TTLs will be capped by this ttl. + */ + protected long maxTTL; + + /** + * The backend cache. + */ + protected LinkedHashMap<Question, DNSMessage> backend; + + /** + * Create a new LRUCache with given capacity and upper bound ttl. + * @param capacity The internal capacity. + * @param maxTTL The upper bound for any ttl. + */ + @SuppressWarnings("serial") + public LRUCache(final int capacity, final long maxTTL) { + this.capacity = capacity; + this.maxTTL = maxTTL; + backend = new LinkedHashMap<Question,DNSMessage>( + Math.min(capacity + (capacity + 3) / 4 + 2, 11), 0.75f, true) + { + @Override + protected boolean removeEldestEntry( + Entry<Question, DNSMessage> eldest) { + return size() > capacity; + } + }; + } + + /** + * Create a new LRUCache with given capacity. + * @param capacity The capacity of this cache. 
+ */ + public LRUCache(final int capacity) { + this(capacity, Long.MAX_VALUE); + } + + @Override + public synchronized void put(Question q, DNSMessage message) { + if (message.getReceiveTimestamp() <= 0l) { + return; + } + backend.put(q, message); + } + + @Override + public synchronized DNSMessage get(Question q) { + DNSMessage message = backend.get(q); + if (message == null) { + missCount++; + return null; + } + + long ttl = maxTTL; + for (Record r : message.getAnswers()) { + ttl = Math.min(ttl, r.ttl); + } + for (Record r : message.getAdditionalResourceRecords()) { + ttl = Math.min(ttl, r.ttl); + } + if (message.getReceiveTimestamp() + ttl > System.currentTimeMillis()) { + missCount++; + expireCount++; + backend.remove(q); + return null; + } else { + hitCount++; + return message; + } + } + + /** + * Clear all entries in this cache. + */ + public synchronized void clear() { + backend.clear(); + missCount = 0l; + hitCount = 0l; + expireCount = 0l; + } + + /** + * Get the miss count of this cache which is the number of fruitless + * get calls since this cache was last resetted. + * @return The number of cache misses. + */ + public long getMissCount() { + return missCount; + } + + /** + * The number of expires (cache hits that have had a ttl to low to be + * retrieved). + * @return The expire count. + */ + public long getExpireCount() { + return expireCount; + } + + /** + * The cache hit count (all sucessful calls to get). + * @return The hit count. + */ + public long getHitCount() { + return hitCount; + } + +} diff --git a/libs/minidns/src/main/java/de/measite/minidns/Question.java b/libs/minidns/src/main/java/de/measite/minidns/Question.java new file mode 100644 index 00000000..3b2fa1a1 --- /dev/null +++ b/libs/minidns/src/main/java/de/measite/minidns/Question.java 
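Review bot: The freshness test in `get` is inverted: `message.getReceiveTimestamp() + ttl > System.currentTimeMillis()` is true while the entry is still inside its TTL, so fresh entries are removed and counted as expired, and entries past their TTL are returned as hits. The sum also adds a TTL, which DNS carries in seconds, to a millisecond timestamp, and it overflows to a negative value when no record lowers `ttl` below the default `maxTTL` of `Long.MAX_VALUE`, which makes such an entry a permanent hit. Comparing ages avoids all three problems: `long ageSeconds = (System.currentTimeMillis() - message.getReceiveTimestamp()) / 1000;` followed by `if (ageSeconds >= ttl) {` for the expire branch. A cache that serves expired answers keeps an application pinned to addresses the zone owner has already withdrawn, so a test covering expiry should accompany this class.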
@@ -0,0 +1,158 @@ +package de.measite.minidns; + +import java.io.ByteArrayOutputStream; +import java.io.DataInputStream; +import java.io.DataOutputStream; +import java.io.IOException; +import java.util.Arrays; + +import de.measite.minidns.Record.CLASS; +import de.measite.minidns.Record.TYPE; +import de.measite.minidns.util.NameUtil; + +/** + * A DNS question (request). + */ +public class Question { + + /** + * The question string (e.g. "measite.de"). + */ + private final String name; + + /** + * The question type (e.g. A). + */ + private final TYPE type; + + /** + * The question class (usually IN / internet). + */ + private final CLASS clazz; + + /** + * UnicastQueries have the highest bit of the CLASS field set to 1. + */ + private final boolean unicastQuery; + + /** + * Cache for the serialized object. + */ + private byte[] byteArray; + + /** + * Create a dns question for the given name/type/class. + * @param name The name e.g. "measite.de". + * @param type The type, e.g. A. + * @param clazz The class, usually IN (internet). + */ + public Question(String name, TYPE type, CLASS clazz, boolean unicastQuery) { + this.name = name; + this.type = type; + this.clazz = clazz; + this.unicastQuery = unicastQuery; + } + + /** + * Create a dns question for the given name/type/class. + * @param name The name e.g. "measite.de". + * @param type The type, e.g. A. + * @param clazz The class, usually IN (internet). + */ + public Question(String name, TYPE type, CLASS clazz) { + this(name, type, clazz, false); + } + + /** + * Create a dns question for the given name/type/IN (internet class). + * @param name The name e.g. "measite.de". + * @param type The type, e.g. A. + */ + public Question(String name, TYPE type) { + this(name, type, CLASS.IN); + } + + /** + * Retrieve the type of this question. + * @return The type. + */ + public TYPE getType() { + return type; + } + + /** + * Retrieve the class of this dns question (usually internet). + * @return The class of this dns question. 
+ */ + public CLASS getClazz() { + return clazz; + } + + /** + * Retrieve the name of this dns question (e.g. "measite.de"). + * @return The name of this dns question. + */ + public String getName() { + return name; + } + + /** + * Parse a byte array and rebuild the dns question from it. + * @param dis The input stream. + * @param data The plain data (for dns name references). + * @return The parsed dns question. + * @throws IOException On errors (read outside of packet). + */ + public static Question parse(DataInputStream dis, byte[] data) throws IOException { + String name = NameUtil.parse(dis, data); + TYPE type = TYPE.getType(dis.readUnsignedShort()); + CLASS clazz = CLASS.getClass(dis.readUnsignedShort()); + return new Question (name, type, clazz); + } + + /** + * Generate a binary paket for this dns question. + * @return The dns question. + */ + public byte[] toByteArray() { + if (byteArray == null) { + ByteArrayOutputStream baos = new ByteArrayOutputStream(512); + DataOutputStream dos = new DataOutputStream(baos); + + try { + dos.write(NameUtil.toByteArray(this.name)); + dos.writeShort(type.getValue()); + dos.writeShort(clazz.getValue() | (unicastQuery ? (1 << 15) : 0)); + dos.flush(); + } catch (IOException e) { + // Should never happen + throw new IllegalStateException(e); + } + byteArray = baos.toByteArray(); + } + return byteArray; + } + + @Override + public int hashCode() { + return Arrays.hashCode(toByteArray()); + } + + @Override + public boolean equals(Object other) { + if (this == other) { + return true; + } + if (!(other instanceof Question)) { + return false; + } + byte t[] = toByteArray(); + byte o[] = ((Question)other).toByteArray(); + return Arrays.equals(t, o); + } + + @Override + public String toString() { + return "Question/" + clazz + "/" + type + ": " + name; + } +} diff --git a/libs/minidns/src/main/java/de/measite/minidns/Record.java b/libs/minidns/src/main/java/de/measite/minidns/Record.java new file mode 100644 index 00000000..ab081426 
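Review bot: `parse` hands the results of `TYPE.getType` and `CLASS.getClass` straight to the constructor, and both lookups return null for values missing from their tables, so a question with an unknown type or class in a received packet yields an object that throws NullPointerException in `toByteArray`, which `hashCode` and `equals` call, so the failure surfaces when the question is used as a cache key. Rejecting it at the parsing boundary keeps the error an IOException: `if (type == null || clazz == null) throw new IOException("unsupported question type or class");`. `parse` also does not strip the top class bit the way `Record.parse` does with `& 0x7fff`, so a question sent with the unicast bit set resolves to a null class and the `unicastQuery` flag is lost. The four-argument constructor's Javadoc is missing `@param unicastQuery`.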
--- /dev/null
+++ b/libs/minidns/src/main/java/de/measite/minidns/Record.java
@@ -0,0 +1,343 @@ +package de.measite.minidns; + +import java.io.DataInputStream; +import java.io.IOException; +import java.util.HashMap; +import java.util.logging.Level; +import java.util.logging.Logger; + +import de.measite.minidns.record.A; +import de.measite.minidns.record.AAAA; +import de.measite.minidns.record.CNAME; +import de.measite.minidns.record.Data; +import de.measite.minidns.record.NS; +import de.measite.minidns.record.PTR; +import de.measite.minidns.record.SRV; +import de.measite.minidns.record.TXT; +import de.measite.minidns.util.NameUtil; + +/** + * A generic DNS record. + */ +public class Record { + + private static final Logger LOGGER = Logger.getLogger(Client.class.getName()); + + /** + * The record type. + * @see <a href="http://www.iana.org/assignments/dns-parameters">IANA DNS Parameters</a> + */ + public static enum TYPE { + A(1), + NS(2), + MD(3), + MF(4), + CNAME(5), + SOA(6), + MB(7), + MG(8), + MR(9), + NULL(10), + WKS(11), + PTR(12), + HINFO(13), + MINFO(14), + MX(15), + TXT(16), + RP(17), + AFSDB(18), + X25(19), + ISDN(20), + RT(21), + NSAP(22), + NSAP_PTR(23), + SIG(24), + KEY(25), + PX(26), + GPOS(27), + AAAA(28), + LOC(29), + NXT(30), + EID(31), + NIMLOC(32), + SRV(33), + ATMA(34), + NAPTR(35), + KX(36), + CERT(37), + A6(38), + DNAME(39), + SINK(40), + OPT(41), + APL(42), + DS(43), + SSHFP(44), + IPSECKEY(45), + RRSIG(46), + NSEC(47), + DNSKEY(48), + DHCID(49), + NSEC3(50), + NSEC3PARAM(51), + HIP(55), + NINFO(56), + RKEY(57), + TALINK(58), + SPF(99), + UINFO(100), + UID(101), + GID(102), + TKEY(249), + TSIG(250), + IXFR(251), + AXFR(252), + MAILB(253), + MAILA(254), + ANY(255), + TA(32768), + DLV(32769); + + /** + * The value of this DNS record type. + */ + private final int value; + + /** + * Internal lookup table to map values to types. + */ + private final static HashMap<Integer, TYPE> INVERSE_LUT = + new HashMap<Integer, TYPE>(); + + /** + * Initialize the reverse lookup table. 
+ */ + static { + for(TYPE t: TYPE.values()) { + INVERSE_LUT.put(t.getValue(), t); + } + } + + /** + * Create a new record type. + * @param value The binary value of this type. + */ + private TYPE(int value) { + this.value = value; + } + + /** + * Retrieve the binary value of this type. + * @return The binary value. + */ + public int getValue() { + return value; + } + + /** + * Retrieve the symbolic type of the binary value. + * @param value The binary type value. + * @return The symbolic tpye. + */ + public static TYPE getType(int value) { + return INVERSE_LUT.get(value); + } + }; + + /** + * The symbolic class of a DNS record (usually IN for Internet). + */ + public static enum CLASS { + IN(1), + CH(3), + HS(4), + NONE(254), + ANY(255); + + /** + * Internal reverse lookup table to map binary class values to symbolic + * names. + */ + private final static HashMap<Integer, CLASS> INVERSE_LUT = + new HashMap<Integer, CLASS>(); + + /** + * Initialize the interal reverse lookup table. + */ + static { + for(CLASS c: CLASS.values()) { + INVERSE_LUT.put(c.getValue(), c); + } + } + + /** + * The binary value of this dns class. + */ + private final int value; + + /** + * Create a new DNS class based on a binary value. + * @param value The binary value of this DNS class. + */ + private CLASS(int value) { + this.value = value; + } + + /** + * Retrieve the binary value of this DNS class. + * @return The binary value of this DNS class. + */ + public int getValue() { + return value; + } + + /** + * Retrieve the symbolic DNS class for a binary class value. + * @param value The binary DNS class value. + * @return The symbolic class instance. + */ + public static CLASS getClass(int value) { + return INVERSE_LUT.get(value); + } + + } + + /** + * The generic name of this record. + */ + protected String name; + + /** + * The type (and payload type) of this record. + */ + protected TYPE type; + + /** + * The record class (usually CLASS.IN). 
+ */ + protected CLASS clazz; + + /** + * The ttl of this record. + */ + protected long ttl; + + /** + * The payload object of this record. + */ + protected Data payloadData; + + /** + * MDNS defines the highest bit of the class as the unicast query bit. + */ + protected boolean unicastQuery; + + /** + * Parse a given record based on the full message data and the current + * stream position. + * @param dis The DataInputStream positioned at the first record byte. + * @param data The full message data. + * @throws IOException In case of malformed replies. + */ + public void parse(DataInputStream dis, byte[] data) throws IOException { + this.name = NameUtil.parse(dis, data); + this.type = TYPE.getType(dis.readUnsignedShort()); + int clazzValue = dis.readUnsignedShort(); + this.clazz = CLASS.getClass(clazzValue & 0x7fff); + this.unicastQuery = (clazzValue & 0x8000) > 0; + if (this.clazz == null) { + LOGGER.log(Level.FINE, "Unknown class " + clazzValue); + } + this.ttl = (((long)dis.readUnsignedShort()) << 32) + + dis.readUnsignedShort(); + int payloadLength = dis.readUnsignedShort(); + switch (this.type) { + case SRV: + this.payloadData = new SRV(); + break; + case AAAA: + this.payloadData = new AAAA(); + break; + case A: + this.payloadData = new A(); + break; + case NS: + this.payloadData = new NS(); + break; + case CNAME: + this.payloadData = new CNAME(); + break; + case PTR: + this.payloadData = new PTR(); + break; + case TXT: + this.payloadData = new TXT(); + break; + default: + LOGGER.log(Level.FINE, "Unparsed type " + type); + this.payloadData = null; + for (int i = 0; i < payloadLength; i++) { + dis.readByte(); + } + break; + } + if (this.payloadData != null) { + this.payloadData.parse(dis, data, payloadLength); + } + } + + /** + * Retrieve a textual representation of this resource record. 
+ * @return String + */ + @Override + public String toString() { + if (payloadData == null) { + return "RR " + type + "/" + clazz; + } + return "RR " + type + "/" + clazz + ": " + payloadData.toString(); + }; + + /** + * Check if this record answers a given query. + * @param q The query. + * @return True if this record is a valid answer. + */ + public boolean isAnswer(Question q) { + return ((q.getType() == type) || (q.getType() == TYPE.ANY)) && + ((q.getClazz() == clazz) || (q.getClazz() == CLASS.ANY)) && + (q.getName().equals(name)); + } + + /** + * See if this query/response was a unicast query (highest class bit set). + * @return True if it is a unicast query/response record. + */ + public boolean isUnicastQuery() { + return unicastQuery; + } + + /** + * The generic record name, e.g. "measite.de". + * @return The record name. + */ + public String getName() { + return name; + } + + /** + * The payload data, usually a subclass of data (A, AAAA, CNAME, ...). + * @return The payload data. + */ + public Data getPayload() { + return payloadData; + } + + /** + * Retrieve the record ttl. + * @return The record ttl. + */ + public long getTtl() { + return ttl; + } + +} diff --git a/libs/minidns/src/main/java/de/measite/minidns/record/A.java b/libs/minidns/src/main/java/de/measite/minidns/record/A.java new file mode 100644 index 00000000..4311c651 --- /dev/null +++ b/libs/minidns/src/main/java/de/measite/minidns/record/A.java 
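Review bot: `parse` switches on `this.type`, but `TYPE.getType` returns null for any type value not listed in the enum, and a switch on a null enum throws NullPointerException, so the `default` branch that is meant to skip unknown payloads is never reached for them and one unrecognised record in a reply aborts parsing with an unchecked exception. The null case should be handled before the switch by skipping `payloadLength` bytes as the default branch does. The TTL is assembled with `<< 32` although each half is 16 bits wide, so any TTL of 65536 seconds or more becomes a value above four billion; the line should read `this.ttl = (((long) dis.readUnsignedShort()) << 16) + dis.readUnsignedShort();`. The logger is created with `Client.class.getName()`, which attributes this class's messages to the client.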
@@ -0,0 +1,43 @@ +package de.measite.minidns.record; + +import java.io.DataInputStream; +import java.io.IOException; + +import de.measite.minidns.Record.TYPE; + +/** + * A record payload (ip pointer). + */ +public class A implements Data { + + /** + * Target IP. + */ + private byte[] ip; + + @Override + public TYPE getType() { + return TYPE.A; + } + + @Override + public byte[] toByteArray() { + return ip; + } + + @Override + public void parse(DataInputStream dis, byte[] data, int length) + throws IOException { + ip = new byte[4]; + dis.readFully(ip); + } + + @Override + public String toString() { + return Integer.toString(ip[0] & 0xff) + "." + + Integer.toString(ip[1] & 0xff) + "." + + Integer.toString(ip[2] & 0xff) + "." + + Integer.toString(ip[3] & 0xff); + } + +} diff --git a/libs/minidns/src/main/java/de/measite/minidns/record/AAAA.java b/libs/minidns/src/main/java/de/measite/minidns/record/AAAA.java new file mode 100644 index 00000000..e4fd5ecf --- /dev/null +++ b/libs/minidns/src/main/java/de/measite/minidns/record/AAAA.java @@ -0,0 +1,49 @@ +package de.measite.minidns.record; + +import java.io.DataInputStream; +import java.io.IOException; + +import de.measite.minidns.Record.TYPE; + +/** + * AAAA payload (an ipv6 pointer). + */ +public class AAAA implements Data { + + /** + * The ipv6 address. + */ + private byte[] ip; + + @Override + public TYPE getType() { + return TYPE.AAAA; + } + + @Override + public byte[] toByteArray() { + return ip; + } + + @Override + public void parse(DataInputStream dis, byte[] data, int length) + throws IOException { + ip = new byte[16]; + dis.readFully(ip); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + for (int i = 0; i < ip.length; i += 2) { + if (i != 0) { + sb.append(':'); + } + sb.append(Integer.toHexString( + ((ip[i] & 0xff) << 8) + (ip[i + 1] & 0xff) + )); + } + return sb.toString(); + } + +} 
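Review bot: `A.parse` ignores its `length` argument and always reads 4 bytes, and `AAAA.parse` in the next hunk does the same with 16, so a record whose RDLENGTH differs leaves the stream misaligned and every following record in the message is parsed from the wrong offset. Checking the length first turns that into a clean parse error: `if (length != 4) throw new IOException("A record with RDLENGTH " + length);` and the same with 16 in `AAAA`. `toByteArray` in both classes returns the internal `ip` array, so a caller can alter a parsed address in place; returning `ip.clone()` avoids that. `toString` in both dereferences `ip` without a null check, which fails on an instance that was never parsed.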
diff --git a/libs/minidns/src/main/java/de/measite/minidns/record/CNAME.java b/libs/minidns/src/main/java/de/measite/minidns/record/CNAME.java new file mode 100644 index 00000000..1ac27814 --- /dev/null +++ b/libs/minidns/src/main/java/de/measite/minidns/record/CNAME.java @@ -0,0 +1,46 @@ +package de.measite.minidns.record; + +import java.io.DataInputStream; +import java.io.IOException; + +import de.measite.minidns.Record.TYPE; +import de.measite.minidns.util.NameUtil; + +/** + * CNAME payload (pointer to another domain / address). + */ +public class CNAME implements Data { + + protected String name; + + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + @Override + public byte[] toByteArray() { + throw new UnsupportedOperationException("Not implemented yet"); + } + + @Override + public void parse(DataInputStream dis, byte[] data, int length) + throws IOException + { + this.name = NameUtil.parse(dis, data); + } + + @Override + public TYPE getType() { + return TYPE.CNAME; + } + + @Override + public String toString() { + return "to \"" + name + "\""; + } + +} diff --git a/libs/minidns/src/main/java/de/measite/minidns/record/Data.java b/libs/minidns/src/main/java/de/measite/minidns/record/Data.java new file mode 100644 index 00000000..7f2db03a --- /dev/null +++ b/libs/minidns/src/main/java/de/measite/minidns/record/Data.java 
@@ -0,0 +1,34 @@
+package de.measite.minidns.record;
+
+import java.io.DataInputStream;
+import java.io.IOException;
+
+import de.measite.minidns.Record.TYPE;
+
+/**
+ * Generic payload class.
+ */
+public interface Data {
+
+ /**
+ * The payload type.
+ * @return The payload type.
+ */
+ TYPE getType();
+
+ /**
+ * Binary representation of this payload.
+ * @return The binary representation of this payload.
+ */
+ byte[] toByteArray();
+
+ /**
+ * Parse this payload.
+ * @param dis The input stream.
+ * @param data The plain data (needed for name cross references).
+ * @param length The payload length.
+ * @throws IOException on io error (read past paket boundary).
+ */
+ void parse(DataInputStream dis, byte data[], int length) throws IOException;
+
+}
diff --git a/libs/minidns/src/main/java/de/measite/minidns/record/NS.java b/libs/minidns/src/main/java/de/measite/minidns/record/NS.java
new file mode 100644
index 00000000..8ac2d4c3
--- /dev/null
+++ b/libs/minidns/src/main/java/de/measite/minidns/record/NS.java
@@ -0,0 +1,15 @@
+package de.measite.minidns.record;
+
+import de.measite.minidns.Record.TYPE;
+
+/**
+ * Nameserver record.
+ */
+public class NS extends CNAME {
+
+ @Override
+ public TYPE getType() {
+ return TYPE.NS;
+ }
+
+}
diff --git a/libs/minidns/src/main/java/de/measite/minidns/record/PTR.java b/libs/minidns/src/main/java/de/measite/minidns/record/PTR.java
new file mode 100644
index 00000000..6e200655
--- /dev/null
+++ b/libs/minidns/src/main/java/de/measite/minidns/record/PTR.java
@@ -0,0 +1,19 @@
+package de.measite.minidns.record;
+
+import java.io.DataInputStream;
+import java.io.IOException;
+
+import de.measite.minidns.Record.TYPE;
+import de.measite.minidns.util.NameUtil;
+
+/**
+ * A PTR record is handled like a CNAME
+ */
+public class PTR extends CNAME {
+
+ @Override
+ public TYPE getType() {
+ return TYPE.PTR;
+ }
+
+}
diff --git a/libs/minidns/src/main/java/de/measite/minidns/record/SRV.java b/libs/minidns/src/main/java/de/measite/minidns/record/SRV.java
new file mode 100644
index 00000000..707bf3f5
--- /dev/null
+++ b/libs/minidns/src/main/java/de/measite/minidns/record/SRV.java
@@ -0,0 +1,124 @@
+package de.measite.minidns.record;
+
+import java.io.DataInputStream;
+import java.io.IOException;
+
+import de.measite.minidns.Record.TYPE;
+import de.measite.minidns.util.NameUtil;
+
+/**
+ * SRV record payload (service pointer).
+ */
+public class SRV implements Data {
+
+ /**
+ * The priority of this service.
+ */
+ protected int priority;
+
+ /**
+ * The weight of this service.
+ */
+ protected int weight;
+
+ /**
+ * The target port.
+ */
+ protected int port;
+
+ /**
+ * The target server.
+ */
+ protected String name;
+
+ /**
+ * The priority of this service. Lower values mean higher priority.
+ * @return The priority.
+ */
+ public int getPriority() {
+ return priority;
+ }
+
+ /**
+ * Set the priority of this service entry. Lower values have higher priority.
+ * @param priority The new priority.
+ */
+ public void setPriority(int priority) {
+ this.priority = priority;
+ }
+
+ /**
+ * The weight of this service. Services with the same priority should be
+ * balanced based on weight.
+ * @return The weight of this service.
+ */
+ public int getWeight() {
+ return weight;
+ }
+
+ /**
+ * Set the weight of this service.
+ * @param weight The new weight of this service.
+ */
+ public void setWeight(int weight) {
+ this.weight = weight;
+ }
+
+ /**
+ * The target port of this service.
+ * @return The target port of this service.
+ */
+ public int getPort() {
+ return port;
+ }
+
+ /**
+ * Set the target port of this service.
+ * @param port The new target port.
+ */
+ public void setPort(int port) {
+ this.port = port;
+ }
+
+ /**
+ * The name of the target server.
+ * @return The target servers name.
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * Set the name of the target server.
+ * @param name The new target servers name.
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ @Override
+ public byte[] toByteArray() {
+ throw new UnsupportedOperationException("Not implemented yet");
+ }
+
+ @Override
+ public void parse(DataInputStream dis, byte[] data, int length)
+ throws IOException
+ {
+ this.priority = dis.readUnsignedShort();
+ this.weight = dis.readUnsignedShort();
+ this.port = dis.readUnsignedShort();
+ this.name = NameUtil.parse(dis, data);
+ }
+
+ @Override
+ public String toString() {
+ return "SRV " + name + ":" + port + " p:" + priority + " w:" + weight;
+ }
+
+ @Override
+ public TYPE getType() {
+ return TYPE.SRV;
+ }
+
+}
diff --git a/libs/minidns/src/main/java/de/measite/minidns/record/TXT.java b/libs/minidns/src/main/java/de/measite/minidns/record/TXT.java
new file mode 100644
index 00000000..03e73040
--- /dev/null
+++ b/libs/minidns/src/main/java/de/measite/minidns/record/TXT.java
@@ -0,0 +1,65 @@
+package de.measite.minidns.record;
+
+import java.io.DataInputStream;
+import java.io.IOException;
+
+import de.measite.minidns.Record.TYPE;
+import de.measite.minidns.util.NameUtil;
+
+/**
+ * TXT record (actually a binary blob with wrappers for text content).
+ */
+public class TXT implements Data {
+
+ protected byte[] blob;
+
+ public byte[] getBlob() {
+ return blob;
+ }
+
+ public void setBlob(byte[] blob) {
+ this.blob = blob;
+ }
+
+ public String getText() {
+ try {
+ return (new String(blob, "UTF-8")).intern();
+ } catch (Exception e) {
+ /* Can't happen for UTF-8 unless it's really a blob */
+ return null;
+ }
+ }
+
+ public void setText(String text) {
+ try {
+ this.blob = text.getBytes("UTF-8");
+ } catch (Exception e) {
+ /* Can't happen, UTF-8 IS supported */
+ throw new RuntimeException("UTF-8 not supported", e);
+ }
+ }
+
+ @Override
+ public byte[] toByteArray() {
+ throw new UnsupportedOperationException("Not implemented yet");
+ }
+
+ @Override
+ public void parse(DataInputStream dis, byte[] data, int length)
+ throws IOException
+ {
+ blob = new byte[length];
+ dis.readFully(blob);
+ }
+
+ @Override
+ public TYPE getType() {
+ return TYPE.TXT;
+ }
+
+ @Override
+ public String toString() {
+ return "\"" + getText() + "\"";
+ }
+
+}
diff --git a/libs/minidns/src/main/java/de/measite/minidns/util/NameUtil.java b/libs/minidns/src/main/java/de/measite/minidns/util/NameUtil.java
new file mode 100644
index 00000000..7ae373bc
--- /dev/null
+++ b/libs/minidns/src/main/java/de/measite/minidns/util/NameUtil.java
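Review bot: `getText()` in `TXT` interns a string built from record data, and `parse()` fills that data with whatever `length` bytes arrived in the response, so every distinct TXT value a resolver returns is added to the intern pool; `return new String(blob, "UTF-8");` is enough. The comment in the `catch (Exception e)` branch is also misleading: decoding malformed UTF-8 does not throw, so the only failure this branch can hide is a null `blob` before `parse()` or `setBlob()` has run. Separately, TXT record data is a sequence of length-prefixed character-strings, and `parse()` keeps the length octets in `blob`, so they will appear as stray characters in `getText()` unless they are stripped.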
@@ -0,0 +1,129 @@
+package de.measite.minidns.util;
+
+import java.io.ByteArrayOutputStream;
+import java.io.DataInputStream;
+import java.io.DataOutputStream;
+import java.io.IOException;
+import java.net.IDN;
+import java.util.HashSet;
+import java.util.Arrays;
+
+/**
+ * Utilities related to internationalized domain names and dns name handling.
+ */
+public class NameUtil {
+
+ /**
+ * Retrieve the rough binary length of a string
+ * (length + 2 bytes length prefix).
+ * @param name The name string.
+ * @return The binary size of the string (length + 2).
+ */
+ public static int size(String name) {
+ return name.length() + 2;
+ }
+
+ /**
+ * Check if two internationalized domain names are equal, possibly causing
+ * a serialization of both domain names.
+ * @param name1 The first domain name.
+ * @param name2 The second domain name.
+ * @return True if both domain names are the same.
+ */
+ public static boolean idnEquals(String name1, String name2) {
+ if (name1 == name2) return true; // catches null, null
+ if (name1 == null) return false;
+ if (name2 == null) return false;
+ if (name1.equals(name2)) return true;
+
+ try {
+ return Arrays.equals(toByteArray(name1),toByteArray(name2));
+ } catch (IOException e) {
+ return false; // impossible
+ }
+ }
+
+ /**
+ * Serialize a domain name under IDN rules.
+ * @param name The domain name.
+ * @return The binary domain name representation.
+ * @throws IOException Should never happen.
+ */
+ public static byte[] toByteArray(String name) throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream(64);
+ DataOutputStream dos = new DataOutputStream(baos);
+ for (String s: name.split("[.\u3002\uFF0E\uFF61]")) {
+ byte[] buffer = IDN.toASCII(s).getBytes();
+ dos.writeByte(buffer.length);
+ dos.write(buffer);
+ }
+ dos.writeByte(0);
+ dos.flush();
+ return baos.toByteArray();
+ }
+
+ /**
+ * Parse a domain name starting at the current offset and moving the input
+ * stream pointer past this domain name (even if cross references occure).
+ * @param dis The input stream.
+ * @param data The raw data (for cross references).
+ * @return The domain name string.
+ * @throws IOException Should never happen.
+ */
+ public static String parse(DataInputStream dis, byte data[])
+ throws IOException
+ {
+ int c = dis.readUnsignedByte();
+ if ((c & 0xc0) == 0xc0) {
+ c = ((c & 0x3f) << 8) + dis.readUnsignedByte();
+ HashSet<Integer> jumps = new HashSet<Integer>();
+ jumps.add(c);
+ return parse(data, c, jumps);
+ }
+ if (c == 0) {
+ return "";
+ }
+ byte b[] = new byte[c];
+ dis.readFully(b);
+ String s = IDN.toUnicode(new String(b));
+ String t = parse(dis, data);
+ if (t.length() > 0) {
+ s = s + "." + t;
+ }
+ return s;
+ }
+
+ /**
+ * Parse a domain name starting at the given offset.
+ * @param data The raw data.
+ * @param offset The offset.
+ * @param jumps The list of jumps (by now).
+ * @return The parsed domain name.
+ * @throws IllegalStateException on cycles.
+ */
+ public static String parse(
+ byte data[],
+ int offset,
+ HashSet<Integer> jumps
+ ) {
+ int c = data[offset] & 0xff;
+ if ((c & 0xc0) == 0xc0) {
+ c = ((c & 0x3f) << 8) + (data[offset + 1] & 0xff);
+ if (jumps.contains(c)) {
+ throw new IllegalStateException("Cyclic offsets detected.");
+ }
+ jumps.add(c);
+ return parse(data, c, jumps);
+ }
+ if (c == 0) {
+ return "";
+ }
+ String s = new String(data,offset + 1, c);
+ String t = parse(data, offset + 1 + c, jumps);
+ if (t.length() > 0) {
+ s = s + "." + t;
+ }
+ return s;
+ }
+
+}
diff --git a/libs/openpgp-api-lib b/libs/openpgp-api-lib
deleted file mode 160000
-Subproject 0be263d5d3effd2df5f976fa4a127017268749c
diff --git a/libs/openpgp-api-lib/.gitignore b/libs/openpgp-api-lib/.gitignore
new file mode 100644
index 00000000..aa8bb576
--- /dev/null
+++ b/libs/openpgp-api-lib/.gitignore
@@ -0,0 +1,29 @@
+#Android specific
+bin
+gen
+obj
+lint.xml
+local.properties
+release.properties
+ant.properties
+*.class
+*.apk
+
+#Gradle
+.gradle
+build
+gradle.properties
+
+#Maven
+target
+pom.xml.*
+
+#Eclipse
+.project
+.classpath
+.settings
+.metadata
+
+#IntelliJ IDEA
+.idea
+*.iml
diff --git a/libs/openpgp-api-lib/.tx/config b/libs/openpgp-api-lib/.tx/config
new file mode 100644
index 00000000..9e6de616
--- /dev/null
+++ b/libs/openpgp-api-lib/.tx/config
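Review bot: `NameUtil.parse(byte[], int, HashSet)` indexes `data` with offsets taken straight from the packet and never checks them against `data.length`. A compression pointer can name any offset up to 0x3fff and a label length can run past the end of the buffer, so a malformed response ends in an `ArrayIndexOutOfBoundsException` or `StringIndexOutOfBoundsException`. Neither is documented, and the stream variant that calls this method declares only `IOException`, so a caller that catches just that will not see the failure coming. I would add explicit bounds checks that raise the `IllegalStateException` the Javadoc already promises for cycles, and list the new conditions under `@throws`. It is also worth a comment that this variant skips the `IDN.toUnicode` step the stream variant applies, so the same name can decode differently depending on whether it was reached through a pointer.

```java
// in parse(byte data[], int offset, HashSet<Integer> jumps):
if (offset < 0 || offset >= data.length) {
	throw new IllegalStateException("Name offset outside of packet.");
}
int c = data[offset] & 0xff;
if ((c & 0xc0) == 0xc0) {
	if (offset + 1 >= data.length) {
		throw new IllegalStateException("Truncated name pointer.");
	}
	// … unchanged: pointer decoding, cycle check and recursive call …
}
// … unchanged: empty-label return …
if (offset + 1 + c > data.length) {
	throw new IllegalStateException("Label runs past end of packet.");
}
// … unchanged: label decoding and recursion on the remainder …
```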
@@ -0,0 +1,8 @@ +[main] +host = https://www.transifex.com +lang_map = af_ZA: af-rZA, am_ET: am-rET, ar_AE: ar-rAE, ar_BH: ar-rBH, ar_DZ: ar-rDZ, ar_EG: ar-rEG, ar_IQ: ar-rIQ, ar_JO: ar-rJO, ar_KW: ar-rKW, ar_LB: ar-rLB, ar_LY: ar-rLY, ar_MA: ar-rMA, ar_OM: ar-rOM, ar_QA: ar-rQA, ar_SA: ar-rSA, ar_SY: ar-rSY, ar_TN: ar-rTN, ar_YE: ar-rYE, arn_CL: arn-rCL, as_IN: as-rIN, az_AZ: az-rAZ, ba_RU: ba-rRU, be_BY: be-rBY, bg_BG: bg-rBG, bn_BD: bn-rBD, bn_IN: bn-rIN, bo_CN: bo-rCN, br_FR: br-rFR, bs_BA: bs-rBA, ca_ES: ca-rES, co_FR: co-rFR, cs_CZ: cs-rCZ, cy_GB: cy-rGB, da_DK: da-rDK, de_AT: de-rAT, de_CH: de-rCH, de_DE: de-rDE, de_LI: de-rLI, de_LU: de-rLU, dsb_DE: dsb-rDE, dv_MV: dv-rMV, el_GR: el-rGR, en_AU: en-rAU, en_BZ: en-rBZ, en_CA: en-rCA, en_GB: en-rGB, en_IE: en-rIE, en_IN: en-rIN, en_JM: en-rJM, en_MY: en-rMY, en_NZ: en-rNZ, en_PH: en-rPH, en_SG: en-rSG, en_TT: en-rTT, en_US: en-rUS, en_ZA: en-rZA, en_ZW: en-rZW, es_AR: es-rAR, es_BO: es-rBO, es_CL: es-rCL, es_CO: es-rCO, es_CR: es-rCR, es_DO: es-rDO, es_EC: es-rEC, es_ES: es-rES, es_GT: es-rGT, es_HN: es-rHN, es_MX: es-rMX, es_NI: es-rNI, es_PA: es-rPA, es_PE: es-rPE, es_PR: es-rPR, es_PY: es-rPY, es_SV: es-rSV, es_US: es-rUS, es_UY: es-rUY, es_VE: es-rVE, et_EE: et-rEE, eu_ES: eu-rES, fa_IR: fa-rIR, fi_FI: fi-rFI, fil_PH: fil-rPH, fo_FO: fo-rFO, fr_BE: fr-rBE, fr_CA: fr-rCA, fr_CH: fr-rCH, fr_FR: fr-rFR, fr_LU: fr-rLU, fr_MC: fr-rMC, fy_NL: fy-rNL, ga_IE: ga-rIE, gd_GB: gd-rGB, gl_ES: gl-rES, gsw_FR: gsw-rFR, gu_IN: gu-rIN, ha_NG: ha-rNG, hi_IN: hi-rIN, hr_BA: hr-rBA, hr_HR: hr-rHR, hsb_DE: hsb-rDE, hu_HU: hu-rHU, hy_AM: hy-rAM, id_ID: id-rID, ig_NG: ig-rNG, ii_CN: ii-rCN, is_IS: is-rIS, it_CH: it-rCH, it_IT: it-rIT, iu_CA: iu-rCA, ja_JP: ja-rJP, ka_GE: ka-rGE, kk_KZ: kk-rKZ, kl_GL: kl-rGL, km_KH: km-rKH, kn_IN: kn-rIN, ko_KR: ko-rKR, kok_IN: kok-rIN, ky_KG: ky-rKG, lb_LU: lb-rLU, lo_LA: lo-rLA, lt_LT: lt-rLT, lv_LV: lv-rLV, mi_NZ: mi-rNZ, mk_MK: mk-rMK, ml_IN: ml-rIN, mn_CN: mn-rCN, mn_MN: mn-rMN, moh_CA: 
moh-rCA, mr_IN: mr-rIN, ms_BN: ms-rBN, ms_MY: ms-rMY, mt_MT: mt-rMT, nb_NO: nb-rNO, ne_NP: ne-rNP, nl_BE: nl-rBE, nl_NL: nl-rNL, nn_NO: nn-rNO, nso_ZA: nso-rZA, oc_FR: oc-rFR, or_IN: or-rIN, pa_IN: pa-rIN, pl_PL: pl-rPL, prs_AF: prs-rAF, ps_AF: ps-rAF, pt_BR: pt-rBR, pt_PT: pt-rPT, qut_GT: qut-rGT, quz_BO: quz-rBO, quz_EC: quz-rEC, quz_PE: quz-rPE, rm_CH: rm-rCH, ro_RO: ro-rRO, ru_RU: ru-rRU, rw_RW: rw-rRW, sa_IN: sa-rIN, sah_RU: sah-rRU, se_FI: se-rFI, se_NO: se-rNO, se_SE: se-rSE, si_LK: si-rLK, sk_SK: sk-rSK, sl_SI: sl-rSI, sma_NO: sma-rNO, sma_SE: sma-rSE, smj_NO: smj-rNO, smj_SE: smj-rSE, smn_FI: smn-rFI, sms_FI: sms-rFI, sq_AL: sq-rAL, sr_BA: sr-rBA, sr_CS: sr-rCS, sr_ME: sr-rME, sr_RS: sr-rRS, sv_FI: sv-rFI, sv_SE: sv-rSE, sw_KE: sw-rKE, syr_SY: syr-rSY, ta_IN: ta-rIN, te_IN: te-rIN, tg_TJ: tg-rTJ, th_TH: th-rTH, tk_TM: tk-rTM, tn_ZA: tn-rZA, tr_TR: tr-rTR, tt_RU: tt-rRU, tzm_DZ: tzm-rDZ, ug_CN: ug-rCN, uk_UA: uk-rUA, ur_PK: ur-rPK, uz_UZ: uz-rUZ, vi_VN: vi-rVN, wo_SN: wo-rSN, xh_ZA: xh-rZA, yo_NG: yo-rNG, zh_CN: zh-rCN, zh_HK: zh-rHK, zh_MO: zh-rMO, zh_SG: zh-rSG, zh_TW: zh-rTW, zu_ZA: zu-rZA, no_NO: no-rNO, he_IL: iw-rIL, he: iw + +[open-keychain.api-strings] +file_filter = res/values-<lang>/strings.xml +source_file = res/values/strings.xml +source_lang = en diff --git a/libs/openpgp-api-lib/AndroidManifest.xml b/libs/openpgp-api-lib/AndroidManifest.xml new file mode 100644 index 00000000..98cb89fa --- /dev/null +++ b/libs/openpgp-api-lib/AndroidManifest.xml @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="utf-8"?> +<manifest xmlns:android="http://schemas.android.com/apk/res/android" + package="org.openintents.openpgp" + android:versionCode="1" + android:versionName="1.0" > + + <uses-sdk + android:minSdkVersion="9" + android:targetSdkVersion="19" /> + + <application/> + +</manifest>
\ No newline at end of file diff --git a/libs/openpgp-api-lib/LICENSE b/libs/openpgp-api-lib/LICENSE new file mode 100644 index 00000000..d6456956 --- /dev/null +++ b/libs/openpgp-api-lib/LICENSE 
@@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. 
For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. 
Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of 
the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. 
Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. 
+ + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/libs/openpgp-api-lib/README.md b/libs/openpgp-api-lib/README.md new file mode 100644 index 00000000..aefc9ed3 --- /dev/null +++ b/libs/openpgp-api-lib/README.md 
@@ -0,0 +1,21 @@ +# OpenPGP API library + +The OpenPGP API provides methods to execute OpenPGP operations, such as sign, encrypt, decrypt, verify, and more without user interaction from background threads. This is done by connecting your client application to a remote service provided by [OpenKeychain](http://www.openkeychain.org) or other OpenPGP providers. + +For usage instructions, please consult our Wiki page about the [OpenPGP API](https://github.com/open-keychain/open-keychain/wiki/OpenPGP-API). + +License +======= + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + diff --git a/libs/openpgp-api-lib/build.gradle b/libs/openpgp-api-lib/build.gradle new file mode 100644 index 00000000..6e8fdfb5 --- /dev/null +++ b/libs/openpgp-api-lib/build.gradle @@ -0,0 +1,35 @@ +// please leave this here, so this library builds on its own +buildscript { + repositories { + mavenCentral() + } + + dependencies { + classpath 'com.android.tools.build:gradle:0.12.2' + } +} + +apply plugin: 'android-library' + +android { + compileSdkVersion 19 + buildToolsVersion '19.1' + + // NOTE: We are using the old folder structure to also support Eclipse + sourceSets { + main { + manifest.srcFile 'AndroidManifest.xml' + java.srcDirs = ['src'] + resources.srcDirs = ['src'] + aidl.srcDirs = ['src'] + renderscript.srcDirs = ['src'] + res.srcDirs = ['res'] + assets.srcDirs = ['assets'] + } + } + + // Do not abort build if lint finds errors + lintOptions { + abortOnError false + } +} 
diff --git a/libs/openpgp-api-lib/build.xml b/libs/openpgp-api-lib/build.xml new file mode 100644 index 00000000..48ebf198 --- /dev/null +++ b/libs/openpgp-api-lib/build.xml 
@@ -0,0 +1,92 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project name="keychain-api-library" default="help"> + + <!-- The local.properties file is created and updated by the 'android' tool. + It contains the path to the SDK. It should *NOT* be checked into + Version Control Systems. --> + <property file="local.properties" /> + + <!-- The ant.properties file can be created by you. It is only edited by the + 'android' tool to add properties to it. + This is the place to change some Ant specific build properties. + Here are some properties you may want to change/update: + + source.dir + The name of the source directory. Default is 'src'. + out.dir + The name of the output directory. Default is 'bin'. + + For other overridable properties, look at the beginning of the rules + files in the SDK, at tools/ant/build.xml + + Properties related to the SDK location or the project target should + be updated using the 'android' tool with the 'update' action. + + This file is an integral part of the build system for your + application and should be checked into Version Control Systems. + + --> + <property file="ant.properties" /> + + <!-- if sdk.dir was not set from one of the property file, then + get it from the ANDROID_HOME env var. + This must be done before we load project.properties since + the proguard config can use sdk.dir --> + <property environment="env" /> + <condition property="sdk.dir" value="${env.ANDROID_HOME}"> + <isset property="env.ANDROID_HOME" /> + </condition> + + <!-- The project.properties file is created and updated by the 'android' + tool, as well as ADT. + + This contains project specific properties such as project target, and library + dependencies. Lower level build properties are stored in ant.properties + (or in .classpath for Eclipse projects). + + This file is an integral part of the build system for your + application and should be checked into Version Control Systems. 
--> + <loadproperties srcFile="project.properties" /> + + <!-- quick check on sdk.dir --> + <fail + message="sdk.dir is missing. Make sure to generate local.properties using 'android update project' or to inject it through the ANDROID_HOME environment variable." + unless="sdk.dir" + /> + + <!-- + Import per project custom build rules if present at the root of the project. + This is the place to put custom intermediary targets such as: + -pre-build + -pre-compile + -post-compile (This is typically used for code obfuscation. + Compiled code location: ${out.classes.absolute.dir} + If this is not done in place, override ${out.dex.input.absolute.dir}) + -post-package + -post-build + -pre-clean + --> + <import file="custom_rules.xml" optional="true" /> + + <!-- Import the actual build file. + + To customize existing targets, there are two options: + - Customize only one target: + - copy/paste the target into this file, *before* the + <import> task. + - customize it to your needs. + - Customize the whole content of build.xml + - copy/paste the content of the rules files (minus the top node) + into this file, replacing the <import> task. + - customize to your needs. + + *********************** + ****** IMPORTANT ****** + *********************** + In all cases you must update the value of version-tag below to read 'custom' instead of an integer, + in order to avoid having your file be overridden by tools such as "android update project" + --> + <!-- version-tag: 1 --> + <import file="${sdk.dir}/tools/ant/build.xml" /> + +</project> diff --git a/libs/openpgp-api-lib/proguard-project.txt b/libs/openpgp-api-lib/proguard-project.txt new file mode 100644 index 00000000..f2fe1559 --- /dev/null +++ b/libs/openpgp-api-lib/proguard-project.txt 
@@ -0,0 +1,20 @@ +# To enable ProGuard in your project, edit project.properties +# to define the proguard.config property as described in that file. +# +# Add project specific ProGuard rules here. +# By default, the flags in this file are appended to flags specified +# in ${sdk.dir}/tools/proguard/proguard-android.txt +# You can edit the include path and order by changing the ProGuard +# include property in project.properties. +# +# For more details, see +# http://developer.android.com/guide/developing/tools/proguard.html + +# Add any project specific keep options here: + +# If your project uses WebView with JS, uncomment the following +# and specify the fully qualified class name to the JavaScript interface +# class: +#-keepclassmembers class fqcn.of.javascript.interface.for.webview { +# public *; +#} diff --git a/libs/openpgp-api-lib/project.properties b/libs/openpgp-api-lib/project.properties new file mode 100644 index 00000000..91d2b024 --- /dev/null +++ b/libs/openpgp-api-lib/project.properties @@ -0,0 +1,15 @@ +# This file is automatically generated by Android Tools. +# Do not modify this file -- YOUR CHANGES WILL BE ERASED! +# +# This file must be checked in Version Control Systems. +# +# To customize properties used by the Ant build system edit +# "ant.properties", and override values to adapt the script to your +# project structure. +# +# To enable ProGuard to shrink and obfuscate your code, uncomment this (available properties: sdk.dir, user.home): +#proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt + +# Project target. +target=android-19 +android.library=true diff --git a/libs/openpgp-api-lib/res/drawable-hdpi/ic_action_cancel_launchersize.png b/libs/openpgp-api-lib/res/drawable-hdpi/ic_action_cancel_launchersize.png Binary files differnew file mode 100644 index 00000000..71b9118d --- /dev/null +++ b/libs/openpgp-api-lib/res/drawable-hdpi/ic_action_cancel_launchersize.png 
diff --git a/libs/openpgp-api-lib/res/drawable-hdpi/ic_action_cancel_launchersize_light.png b/libs/openpgp-api-lib/res/drawable-hdpi/ic_action_cancel_launchersize_light.png
Binary files differ
new file mode 100644
index 00000000..73b1d08f
--- /dev/null
+++ b/libs/openpgp-api-lib/res/drawable-hdpi/ic_action_cancel_launchersize_light.png
diff --git a/libs/openpgp-api-lib/res/drawable-mdpi/ic_action_cancel_launchersize.png b/libs/openpgp-api-lib/res/drawable-mdpi/ic_action_cancel_launchersize.png
Binary files differ
new file mode 100644
index 00000000..270abf45
--- /dev/null
+++ b/libs/openpgp-api-lib/res/drawable-mdpi/ic_action_cancel_launchersize.png
diff --git a/libs/openpgp-api-lib/res/drawable-mdpi/ic_action_cancel_launchersize_light.png b/libs/openpgp-api-lib/res/drawable-mdpi/ic_action_cancel_launchersize_light.png
Binary files differ
new file mode 100644
index 00000000..d841821c
--- /dev/null
+++ b/libs/openpgp-api-lib/res/drawable-mdpi/ic_action_cancel_launchersize_light.png
diff --git a/libs/openpgp-api-lib/res/drawable-xhdpi/ic_action_cancel_launchersize.png b/libs/openpgp-api-lib/res/drawable-xhdpi/ic_action_cancel_launchersize.png
Binary files differ
new file mode 100644
index 00000000..1e3571fa
--- /dev/null
+++ b/libs/openpgp-api-lib/res/drawable-xhdpi/ic_action_cancel_launchersize.png
diff --git a/libs/openpgp-api-lib/res/drawable-xhdpi/ic_action_cancel_launchersize_light.png b/libs/openpgp-api-lib/res/drawable-xhdpi/ic_action_cancel_launchersize_light.png
Binary files differ
new file mode 100644
index 00000000..d505046b
--- /dev/null
+++ b/libs/openpgp-api-lib/res/drawable-xhdpi/ic_action_cancel_launchersize_light.png
diff --git a/libs/openpgp-api-lib/res/drawable-xxhdpi/ic_action_cancel_launchersize.png b/libs/openpgp-api-lib/res/drawable-xxhdpi/ic_action_cancel_launchersize.png
Binary files differ
new file mode 100644
index 00000000..52044601
--- /dev/null
+++ b/libs/openpgp-api-lib/res/drawable-xxhdpi/ic_action_cancel_launchersize.png
diff --git a/libs/openpgp-api-lib/res/drawable-xxhdpi/ic_action_cancel_launchersize_light.png b/libs/openpgp-api-lib/res/drawable-xxhdpi/ic_action_cancel_launchersize_light.png
Binary files differ
new file mode 100644
index 00000000..d6fb86bd
--- /dev/null
+++ b/libs/openpgp-api-lib/res/drawable-xxhdpi/ic_action_cancel_launchersize_light.png
diff --git a/libs/openpgp-api-lib/res/values-cs/strings.xml b/libs/openpgp-api-lib/res/values-cs/strings.xml
new file mode 100644
index 00000000..c9fe1fab
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-cs/strings.xml
@@ -0,0 +1,5 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources>
+ <string name="openpgp_list_preference_none">Žádný</string>
+ <string name="openpgp_install_openkeychain_via">Instalovat OpenKeychain pomocí %s</string>
+</resources>
diff --git a/libs/openpgp-api-lib/res/values-de/strings.xml b/libs/openpgp-api-lib/res/values-de/strings.xml
new file mode 100644
index 00000000..91e800ad
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-de/strings.xml
@@ -0,0 +1,5 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources>
+ <string name="openpgp_list_preference_none">Keine Auswahl</string>
+ <string name="openpgp_install_openkeychain_via">Installiere OpenKeychain mit %s</string>
+</resources>
diff --git a/libs/openpgp-api-lib/res/values-es/strings.xml b/libs/openpgp-api-lib/res/values-es/strings.xml
new file mode 100644
index 00000000..da8979b4
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-es/strings.xml
@@ -0,0 +1,5 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources>
+ <string name="openpgp_list_preference_none">Ninguno</string>
+ <string name="openpgp_install_openkeychain_via">Instalar OpenKeychain mediante %s</string>
+</resources>
diff --git a/libs/openpgp-api-lib/res/values-et/strings.xml b/libs/openpgp-api-lib/res/values-et/strings.xml
new file mode 100644
index 00000000..c757504a
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-et/strings.xml
@@ -0,0 +1,2 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources/>
diff --git a/libs/openpgp-api-lib/res/values-fi/strings.xml b/libs/openpgp-api-lib/res/values-fi/strings.xml
new file mode 100644
index 00000000..c757504a
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-fi/strings.xml
@@ -0,0 +1,2 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources/>
diff --git a/libs/openpgp-api-lib/res/values-fr/strings.xml b/libs/openpgp-api-lib/res/values-fr/strings.xml
new file mode 100644
index 00000000..9b36df2d
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-fr/strings.xml
@@ -0,0 +1,5 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources>
+ <string name="openpgp_list_preference_none">Aucun</string>
+ <string name="openpgp_install_openkeychain_via">Installer OpenKeychain par %s</string>
+</resources>
diff --git a/libs/openpgp-api-lib/res/values-is/strings.xml b/libs/openpgp-api-lib/res/values-is/strings.xml
new file mode 100644
index 00000000..c757504a
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-is/strings.xml
@@ -0,0 +1,2 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources/>
diff --git a/libs/openpgp-api-lib/res/values-it/strings.xml b/libs/openpgp-api-lib/res/values-it/strings.xml
new file mode 100644
index 00000000..23e8e801
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-it/strings.xml
@@ -0,0 +1,5 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources>
+ <string name="openpgp_list_preference_none">Nessuno</string>
+ <string name="openpgp_install_openkeychain_via">Installa OpenKeychain via %s</string>
+</resources>
diff --git a/libs/openpgp-api-lib/res/values-ja/strings.xml b/libs/openpgp-api-lib/res/values-ja/strings.xml
new file mode 100644
index 00000000..5e337f5a
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-ja/strings.xml
@@ -0,0 +1,5 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources>
+ <string name="openpgp_list_preference_none">無し</string>
+ <string name="openpgp_install_openkeychain_via">%s 経由でOpenKeychainをインストール</string>
+</resources>
diff --git a/libs/openpgp-api-lib/res/values-nl/strings.xml b/libs/openpgp-api-lib/res/values-nl/strings.xml
new file mode 100644
index 00000000..c757504a
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-nl/strings.xml
@@ -0,0 +1,2 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources/>
diff --git a/libs/openpgp-api-lib/res/values-pl/strings.xml b/libs/openpgp-api-lib/res/values-pl/strings.xml
new file mode 100644
index 00000000..c757504a
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-pl/strings.xml
@@ -0,0 +1,2 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources/>
diff --git a/libs/openpgp-api-lib/res/values-pt/strings.xml b/libs/openpgp-api-lib/res/values-pt/strings.xml
new file mode 100644
index 00000000..c757504a
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-pt/strings.xml
@@ -0,0 +1,2 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources/>
diff --git a/libs/openpgp-api-lib/res/values-ru/strings.xml b/libs/openpgp-api-lib/res/values-ru/strings.xml
new file mode 100644
index 00000000..e8fd1ddf
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-ru/strings.xml
@@ -0,0 +1,5 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources>
+ <string name="openpgp_list_preference_none">Нет</string>
+ <string name="openpgp_install_openkeychain_via">Установить OpenKeychain через %s</string>
+</resources>
diff --git a/libs/openpgp-api-lib/res/values-sl/strings.xml b/libs/openpgp-api-lib/res/values-sl/strings.xml
new file mode 100644
index 00000000..20bf70b0
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-sl/strings.xml
@@ -0,0 +1,5 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources>
+ <string name="openpgp_list_preference_none">Brez</string>
+ <string name="openpgp_install_openkeychain_via">Namesti OpenKeychain prek %s</string>
+</resources>
diff --git a/libs/openpgp-api-lib/res/values-tr/strings.xml b/libs/openpgp-api-lib/res/values-tr/strings.xml
new file mode 100644
index 00000000..c757504a
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-tr/strings.xml
@@ -0,0 +1,2 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources/>
diff --git a/libs/openpgp-api-lib/res/values-uk/strings.xml b/libs/openpgp-api-lib/res/values-uk/strings.xml
new file mode 100644
index 00000000..baf600a9
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-uk/strings.xml
@@ -0,0 +1,5 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources>
+ <string name="openpgp_list_preference_none">Жоден</string>
+ <string name="openpgp_install_openkeychain_via">Встановити OpenKeychain через %s</string>
+</resources>
diff --git a/libs/openpgp-api-lib/res/values-zh/strings.xml b/libs/openpgp-api-lib/res/values-zh/strings.xml
new file mode 100644
index 00000000..c757504a
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values-zh/strings.xml
@@ -0,0 +1,2 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<resources/>
diff --git a/libs/openpgp-api-lib/res/values/strings.xml b/libs/openpgp-api-lib/res/values/strings.xml
new file mode 100644
index 00000000..0119831c
--- /dev/null
+++ b/libs/openpgp-api-lib/res/values/strings.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+
+ <string name="openpgp_list_preference_none">None</string>
+ <string name="openpgp_install_openkeychain_via">Install OpenKeychain via %s</string>
+
+</resources>
\ No newline at end of file
diff --git a/libs/openpgp-api-lib/src/org/openintents/openpgp/IOpenPgpService.aidl b/libs/openpgp-api-lib/src/org/openintents/openpgp/IOpenPgpService.aidl
new file mode 100644
index 00000000..7ee79d6a
--- /dev/null
+++ b/libs/openpgp-api-lib/src/org/openintents/openpgp/IOpenPgpService.aidl
@@ -0,0 +1,24 @@
+/*
+ * Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.openintents.openpgp;
+
+interface IOpenPgpService {
+
+ // see OpenPgpApi for documentation
+ Intent execute(in Intent data, in ParcelFileDescriptor input, in ParcelFileDescriptor output);
+
+}
\ No newline at end of file
diff --git a/libs/openpgp-api-lib/src/org/openintents/openpgp/OpenPgpError.java b/libs/openpgp-api-lib/src/org/openintents/openpgp/OpenPgpError.java
new file mode 100644
index 00000000..b894a460
--- /dev/null
+++ b/libs/openpgp-api-lib/src/org/openintents/openpgp/OpenPgpError.java
@@ -0,0 +1,118 @@
+/*
+ * Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.openintents.openpgp;
+
+import android.os.Parcel;
+import android.os.Parcelable;
+
+/**
+ * Parcelable versioning has been copied from Dashclock Widget
+ * https://code.google.com/p/dashclock/source/browse/api/src/main/java/com/google/android/apps/dashclock/api/ExtensionData.java
+ */
+public class OpenPgpError implements Parcelable {
+ /**
+ * Since there might be a case where new versions of the client using the library getting
+ * old versions of the protocol (and thus old versions of this class), we need a versioning
+ * system for the parcels sent between the clients and the providers.
+ */
+ public static final int PARCELABLE_VERSION = 1;
+
+ // possible values for errorId
+ public static final int CLIENT_SIDE_ERROR = -1;
+ public static final int GENERIC_ERROR = 0;
+ public static final int INCOMPATIBLE_API_VERSIONS = 1;
+ public static final int NO_OR_WRONG_PASSPHRASE = 2;
+ public static final int NO_USER_IDS = 3;
+
+ int errorId;
+ String message;
+
+ public OpenPgpError() {
+ }
+
+ public OpenPgpError(int errorId, String message) {
+ this.errorId = errorId;
+ this.message = message;
+ }
+
+ public OpenPgpError(OpenPgpError b) {
+ this.errorId = b.errorId;
+ this.message = b.message;
+ }
+
+ public int getErrorId() {
+ return errorId;
+ }
+
+ public void setErrorId(int errorId) {
+ this.errorId = errorId;
+ }
+
+ public String getMessage() {
+ return message;
+ }
+
+ public void setMessage(String message) {
+ this.message = message;
+ }
+
+ public int describeContents() {
+ return 0;
+ }
+
+ public void writeToParcel(Parcel dest, int flags) {
+ /**
+ * NOTE: When adding fields in the process of updating this API, make sure to bump
+ * {@link #PARCELABLE_VERSION}.
+ */
+ dest.writeInt(PARCELABLE_VERSION);
+ // Inject a placeholder that will store the parcel size from this point on
+ // (not including the size itself).
+ int sizePosition = dest.dataPosition();
+ dest.writeInt(0);
+ int startPosition = dest.dataPosition();
+ // version 1
+ dest.writeInt(errorId);
+ dest.writeString(message);
+ // Go back and write the size
+ int parcelableSize = dest.dataPosition() - startPosition;
+ dest.setDataPosition(sizePosition);
+ dest.writeInt(parcelableSize);
+ dest.setDataPosition(startPosition + parcelableSize);
+ }
+
+ public static final Creator<OpenPgpError> CREATOR = new Creator<OpenPgpError>() {
+ public OpenPgpError createFromParcel(final Parcel source) {
+ int parcelableVersion = source.readInt();
+ int parcelableSize = source.readInt();
+ int startPosition = source.dataPosition();
+
+ OpenPgpError error = new OpenPgpError();
+ error.errorId = source.readInt();
+ error.message = source.readString();
+
+ // skip over all fields added in future versions of this parcel
+ source.setDataPosition(startPosition + parcelableSize);
+
+ return error;
+ }
+
+ public OpenPgpError[] newArray(final int size) {
+ return new OpenPgpError[size];
+ }
+ };
+}
diff --git a/libs/openpgp-api-lib/src/org/openintents/openpgp/OpenPgpMetadata.java b/libs/openpgp-api-lib/src/org/openintents/openpgp/OpenPgpMetadata.java
new file mode 100644
index 00000000..2a99e406
--- /dev/null
+++ b/libs/openpgp-api-lib/src/org/openintents/openpgp/OpenPgpMetadata.java
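Review bot: In `createFromParcel`, `parcelableSize` comes straight from the incoming parcel and `startPosition + parcelableSize` is passed to `setDataPosition` unchecked, although the class comment says these parcels travel between clients and providers, i.e. across an app boundary. A negative or oversized value moves the read position back over fields already read or past the data this object owns, so I would validate it right after `startPosition` is taken: `if (parcelableSize < 0 || parcelableSize > source.dataAvail()) throw new IllegalArgumentException("bad parcelableSize");`. `parcelableVersion` is read and then never used. The `CREATOR` blocks of `OpenPgpMetadata` and `OpenPgpSignatureResult` further down repeat the same pattern; since the files sit under libs/, the fix probably belongs upstream too.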
@@ -0,0 +1,132 @@
+/*
+ * Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.openintents.openpgp;
+
+import android.os.Parcel;
+import android.os.Parcelable;
+
+/**
+ * Parcelable versioning has been copied from Dashclock Widget
+ * https://code.google.com/p/dashclock/source/browse/api/src/main/java/com/google/android/apps/dashclock/api/ExtensionData.java
+ */
+public class OpenPgpMetadata implements Parcelable {
+ /**
+ * Since there might be a case where new versions of the client using the library getting
+ * old versions of the protocol (and thus old versions of this class), we need a versioning
+ * system for the parcels sent between the clients and the providers.
+ */
+ public static final int PARCELABLE_VERSION = 1;
+
+ String filename;
+ String mimeType;
+ long modificationTime;
+ long originalSize;
+
+ public String getFilename() {
+ return filename;
+ }
+
+ public String getMimeType() {
+ return mimeType;
+ }
+
+ public long getModificationTime() {
+ return modificationTime;
+ }
+
+ public long getOriginalSize() {
+ return originalSize;
+ }
+
+ public OpenPgpMetadata() {
+ }
+
+ public OpenPgpMetadata(String filename, String mimeType, long modificationTime,
+ long originalSize) {
+ this.filename = filename;
+ this.mimeType = mimeType;
+ this.modificationTime = modificationTime;
+ this.originalSize = originalSize;
+ }
+
+ public OpenPgpMetadata(OpenPgpMetadata b) {
+ this.filename = b.filename;
+ this.mimeType = b.mimeType;
+ this.modificationTime = b.modificationTime;
+ this.originalSize = b.originalSize;
+ }
+
+ public int describeContents() {
+ return 0;
+ }
+
+ public void writeToParcel(Parcel dest, int flags) {
+ /**
+ * NOTE: When adding fields in the process of updating this API, make sure to bump
+ * {@link #PARCELABLE_VERSION}.
+ */
+ dest.writeInt(PARCELABLE_VERSION);
+ // Inject a placeholder that will store the parcel size from this point on
+ // (not including the size itself).
+ int sizePosition = dest.dataPosition();
+ dest.writeInt(0);
+ int startPosition = dest.dataPosition();
+ // version 1
+ dest.writeString(filename);
+ dest.writeString(mimeType);
+ dest.writeLong(modificationTime);
+ dest.writeLong(originalSize);
+ // Go back and write the size
+ int parcelableSize = dest.dataPosition() - startPosition;
+ dest.setDataPosition(sizePosition);
+ dest.writeInt(parcelableSize);
+ dest.setDataPosition(startPosition + parcelableSize);
+ }
+
+ public static final Creator<OpenPgpMetadata> CREATOR = new Creator<OpenPgpMetadata>() {
+ public OpenPgpMetadata createFromParcel(final Parcel source) {
+ int parcelableVersion = source.readInt();
+ int parcelableSize = source.readInt();
+ int startPosition = source.dataPosition();
+
+ OpenPgpMetadata vr = new OpenPgpMetadata();
+ vr.filename = source.readString();
+ vr.mimeType = source.readString();
+ vr.modificationTime = source.readLong();
+ vr.originalSize = source.readLong();
+
+ // skip over all fields added in future versions of this parcel
+ source.setDataPosition(startPosition + parcelableSize);
+
+ return vr;
+ }
+
+ public OpenPgpMetadata[] newArray(final int size) {
+ return new OpenPgpMetadata[size];
+ }
+ };
+
+ @Override
+ public String toString() {
+ String out = "\nfilename: " + filename;
+ out += "\nmimeType: " + mimeType;
+ out += "\nmodificationTime: " + modificationTime;
+ out += "\noriginalSize: " + originalSize;
+ return out;
+ }
+
+}
diff --git a/libs/openpgp-api-lib/src/org/openintents/openpgp/OpenPgpSignatureResult.java b/libs/openpgp-api-lib/src/org/openintents/openpgp/OpenPgpSignatureResult.java
new file mode 100644
index 00000000..dbcd74b6
--- /dev/null
+++ b/libs/openpgp-api-lib/src/org/openintents/openpgp/OpenPgpSignatureResult.java
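Review bot: `getFilename()`, `getMimeType()`, `getModificationTime()` and `getOriginalSize()` carry no Javadoc, and nothing tells the caller where these values come from. Going by the `OpenPgpApi` comments elsewhere in this diff, which describe the original filename as metadata stored inside the encrypted data, they appear to be chosen by whoever produced the encrypted file rather than by the provider. I would say so on the getters, e.g. `/** Original filename as stored in the encrypted message; untrusted, strip any path components before using it to create a file. */` on `getFilename()`, with matching one-line comments on the other three.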
@@ -0,0 +1,183 @@
+/*
+ * Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.openintents.openpgp;
+
+import android.os.Parcel;
+import android.os.Parcelable;
+
+import org.openintents.openpgp.util.OpenPgpUtils;
+
+import java.util.ArrayList;
+import java.util.Locale;
+
+/**
+ * Parcelable versioning has been copied from Dashclock Widget
+ * https://code.google.com/p/dashclock/source/browse/api/src/main/java/com/google/android/apps/dashclock/api/ExtensionData.java
+ */
+public class OpenPgpSignatureResult implements Parcelable {
+ /**
+ * Since there might be a case where new versions of the client using the library getting
+ * old versions of the protocol (and thus old versions of this class), we need a versioning
+ * system for the parcels sent between the clients and the providers.
+ */
+ public static final int PARCELABLE_VERSION = 2;
+
+ // generic error on signature verification
+ public static final int SIGNATURE_ERROR = 0;
+ // successfully verified signature, with certified key
+ public static final int SIGNATURE_SUCCESS_CERTIFIED = 1;
+ // no key was found for this signature verification
+ public static final int SIGNATURE_KEY_MISSING = 2;
+ // successfully verified signature, but with uncertified key
+ public static final int SIGNATURE_SUCCESS_UNCERTIFIED = 3;
+ // key has been revoked
+ public static final int SIGNATURE_KEY_REVOKED = 4;
+ // key is expired
+ public static final int SIGNATURE_KEY_EXPIRED = 5;
+
+ int status;
+ boolean signatureOnly;
+ String primaryUserId;
+ ArrayList<String> userIds;
+ long keyId;
+
+ public int getStatus() {
+ return status;
+ }
+
+ public void setStatus(int status) {
+ this.status = status;
+ }
+
+ public boolean isSignatureOnly() {
+ return signatureOnly;
+ }
+
+ public void setSignatureOnly(boolean signatureOnly) {
+ this.signatureOnly = signatureOnly;
+ }
+
+ public String getPrimaryUserId() {
+ return primaryUserId;
+ }
+
+ public void setPrimaryUserId(String primaryUserId) {
+ this.primaryUserId = primaryUserId;
+ }
+
+ public ArrayList<String> getUserIds() {
+ return userIds;
+ }
+
+ public void setUserIds(ArrayList<String> userIds) {
+ this.userIds = userIds;
+ }
+
+ public long getKeyId() {
+ return keyId;
+ }
+
+ public void setKeyId(long keyId) {
+ this.keyId = keyId;
+ }
+
+ public OpenPgpSignatureResult() {
+
+ }
+
+ public OpenPgpSignatureResult(int signatureStatus, String signatureUserId,
+ boolean signatureOnly, long keyId, ArrayList<String> userIds) {
+ this.status = signatureStatus;
+ this.signatureOnly = signatureOnly;
+ this.primaryUserId = signatureUserId;
+ this.keyId = keyId;
+ this.userIds = userIds;
+ }
+
+ public OpenPgpSignatureResult(OpenPgpSignatureResult b) {
+ this.status = b.status;
+ this.primaryUserId = b.primaryUserId;
+ this.signatureOnly = b.signatureOnly;
+ this.keyId = b.keyId;
+ this.userIds = b.userIds;
+ }
+
+ public int describeContents() {
+ return 0;
+ }
+
+ public void writeToParcel(Parcel dest, int flags) {
+ /**
+ * NOTE: When adding fields in the process of updating this API, make sure to bump
+ * {@link #PARCELABLE_VERSION}.
+ */
+ dest.writeInt(PARCELABLE_VERSION);
+ // Inject a placeholder that will store the parcel size from this point on
+ // (not including the size itself).
+ int sizePosition = dest.dataPosition();
+ dest.writeInt(0);
+ int startPosition = dest.dataPosition();
+ // version 1
+ dest.writeInt(status);
+ dest.writeByte((byte) (signatureOnly ? 1 : 0));
+ dest.writeString(primaryUserId);
+ dest.writeLong(keyId);
+ // version 2
+ dest.writeStringList(userIds);
+ // Go back and write the size
+ int parcelableSize = dest.dataPosition() - startPosition;
+ dest.setDataPosition(sizePosition);
+ dest.writeInt(parcelableSize);
+ dest.setDataPosition(startPosition + parcelableSize);
+ }
+
+ public static final Creator<OpenPgpSignatureResult> CREATOR = new Creator<OpenPgpSignatureResult>() {
+ public OpenPgpSignatureResult createFromParcel(final Parcel source) {
+ int parcelableVersion = source.readInt();
+ int parcelableSize = source.readInt();
+ int startPosition = source.dataPosition();
+
+ OpenPgpSignatureResult vr = new OpenPgpSignatureResult();
+ vr.status = source.readInt();
+ vr.signatureOnly = source.readByte() == 1;
+ vr.primaryUserId = source.readString();
+ vr.keyId = source.readLong();
+ vr.userIds = new ArrayList<String>();
+ source.readStringList(vr.userIds);
+
+ // skip over all fields added in future versions of this parcel
+ source.setDataPosition(startPosition + parcelableSize);
+
+ return vr;
+ }
+
+ public OpenPgpSignatureResult[] newArray(final int size) {
+ return new OpenPgpSignatureResult[size];
+ }
+ };
+
+ @Override
+ public String toString() {
+ String out = "\nstatus: " + status;
+ out += "\nprimaryUserId: " + primaryUserId;
+ out += "\nuserIds: " + userIds;
+ out += "\nsignatureOnly: " + signatureOnly;
+ out += "\nkeyId: " + OpenPgpUtils.convertKeyIdToHex(keyId);
+ return out;
+ }
+
+}
diff --git a/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpApi.java b/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpApi.java
new file mode 100644
index 00000000..3e18ab0c
--- /dev/null
+++ b/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpApi.java
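Review bot: `createFromParcel` reads the version-2 field with `source.readStringList(vr.userIds)` no matter what `parcelableVersion` says, so a parcel written by a peer that still uses version 1 of this class would have bytes that were never a string list interpreted as one. Gate the read on the version that was just taken from the parcel, `if (parcelableVersion >= 2) { source.readStringList(vr.userIds); }`, and leave `userIds` empty otherwise. Separately, the copy constructor and `setUserIds`/`getUserIds` share the caller's `ArrayList` instead of copying it, so a signature result can still be changed after it was handed out; `new ArrayList<String>(b.userIds)` in the copy constructor (with a null check) would avoid that.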
@@ -0,0 +1,306 @@
+/*
+ * Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.openintents.openpgp.util;
+
+import android.annotation.TargetApi;
+import android.content.Context;
+import android.content.Intent;
+import android.os.AsyncTask;
+import android.os.Build;
+import android.os.ParcelFileDescriptor;
+import android.util.Log;
+
+import org.openintents.openpgp.IOpenPgpService;
+import org.openintents.openpgp.OpenPgpError;
+
+import java.io.InputStream;
+import java.io.OutputStream;
+
+public class OpenPgpApi {
+
+ public static final String TAG = "OpenPgp API";
+
+ public static final String SERVICE_INTENT = "org.openintents.openpgp.IOpenPgpService";
+
+ /**
+ * Version history
+ * ---------------
+ * <p/>
+ * 3:
+ * - first public stable version
+ * <p/>
+ * 4:
+ * - No changes to existing methods -> backward compatible
+ * - Introduction of ACTION_DECRYPT_METADATA, RESULT_METADATA, EXTRA_ORIGINAL_FILENAME, and OpenPgpMetadata parcel
+ * - Introduction of internal NFC extras: EXTRA_NFC_SIGNED_HASH, EXTRA_NFC_SIG_CREATION_TIMESTAMP
+ * 5:
+ * - OpenPgpSignatureResult: new consts SIGNATURE_KEY_REVOKED and SIGNATURE_KEY_EXPIRED
+ * - OpenPgpSignatureResult: ArrayList<String> userIds
+ */
+ public static final int API_VERSION = 5;
+
+ /**
+ * General extras
+ * --------------
+ *
+ * required extras:
+ * int EXTRA_API_VERSION (always required)
+ *
+ * returned extras:
+ * int RESULT_CODE (RESULT_CODE_ERROR, RESULT_CODE_SUCCESS or RESULT_CODE_USER_INTERACTION_REQUIRED)
+ * OpenPgpError RESULT_ERROR (if RESULT_CODE == RESULT_CODE_ERROR)
+ * PendingIntent RESULT_INTENT (if RESULT_CODE == RESULT_CODE_USER_INTERACTION_REQUIRED)
+ */
+
+ /**
+ * Sign only
+ * <p/>
+ * optional extras:
+ * boolean EXTRA_REQUEST_ASCII_ARMOR (request ascii armor for output)
+ * String EXTRA_PASSPHRASE (key passphrase)
+ */
+ public static final String ACTION_SIGN = "org.openintents.openpgp.action.SIGN";
+
+ /**
+ * Encrypt
+ * <p/>
+ * required extras:
+ * String[] EXTRA_USER_IDS (=emails of recipients, if more than one key has a user_id, a PendingIntent is returned via RESULT_INTENT)
+ * or
+ * long[] EXTRA_KEY_IDS
+ * <p/>
+ * optional extras:
+ * boolean EXTRA_REQUEST_ASCII_ARMOR (request ascii armor for output)
+ * String EXTRA_PASSPHRASE (key passphrase)
+ * String EXTRA_ORIGINAL_FILENAME (original filename to be encrypted as metadata)
+ */
+ public static final String ACTION_ENCRYPT = "org.openintents.openpgp.action.ENCRYPT";
+
+ /**
+ * Sign and encrypt
+ * <p/>
+ * required extras:
+ * String[] EXTRA_USER_IDS (=emails of recipients, if more than one key has a user_id, a PendingIntent is returned via RESULT_INTENT)
+ * or
+ * long[] EXTRA_KEY_IDS
+ * <p/>
+ * optional extras:
+ * boolean EXTRA_REQUEST_ASCII_ARMOR (request ascii armor for output)
+ * String EXTRA_PASSPHRASE (key passphrase)
+ * String EXTRA_ORIGINAL_FILENAME (original filename to be encrypted as metadata)
+ */
+ public static final String ACTION_SIGN_AND_ENCRYPT = "org.openintents.openpgp.action.SIGN_AND_ENCRYPT";
+
+ /**
+ * Decrypts and verifies given input stream. This methods handles encrypted-only, signed-and-encrypted,
+ * and also signed-only input.
+ * <p/>
+ * If OpenPgpSignatureResult.getStatus() == OpenPgpSignatureResult.SIGNATURE_KEY_MISSING
+ * in addition a PendingIntent is returned via RESULT_INTENT to download missing keys.
+ * <p/>
+ * optional extras:
+ * boolean EXTRA_REQUEST_ASCII_ARMOR (request ascii armor for output)
+ * <p/>
+ * returned extras:
+ * OpenPgpSignatureResult RESULT_SIGNATURE
+ * OpenPgpDecryptMetadata RESULT_METADATA
+ */
+ public static final String ACTION_DECRYPT_VERIFY = "org.openintents.openpgp.action.DECRYPT_VERIFY";
+
+ /**
+ * Decrypts the header of an encrypted file to retrieve metadata such as original filename.
+ * <p/>
+ * This does not decrypt the actual content of the file.
+ * <p/>
+ * returned extras:
+ * OpenPgpDecryptMetadata RESULT_METADATA
+ */
+ public static final String ACTION_DECRYPT_METADATA = "org.openintents.openpgp.action.DECRYPT_METADATA";
+
+ /**
+ * Get key ids based on given user ids (=emails)
+ * <p/>
+ * required extras:
+ * String[] EXTRA_USER_IDS
+ * <p/>
+ * returned extras:
+ * long[] RESULT_KEY_IDS
+ */
+ public static final String ACTION_GET_KEY_IDS = "org.openintents.openpgp.action.GET_KEY_IDS";
+
+ /**
+ * This action returns RESULT_CODE_SUCCESS if the OpenPGP Provider already has the key
+ * corresponding to the given key id in its database.
+ * <p/>
+ * It returns RESULT_CODE_USER_INTERACTION_REQUIRED if the Provider does not have the key.
+ * The PendingIntent from RESULT_INTENT can be used to retrieve those from a keyserver.
+ * <p/> + * required extras: + * long EXTRA_KEY_ID + */ + public static final String ACTION_GET_KEY = "org.openintents.openpgp.action.GET_KEY"; + + /* Intent extras */ + public static final String EXTRA_API_VERSION = "api_version"; + + public static final String EXTRA_ACCOUNT_NAME = "account_name"; + + // SIGN, ENCRYPT, SIGN_AND_ENCRYPT, DECRYPT_VERIFY + // request ASCII Armor for output + // OpenPGP Radix-64, 33 percent overhead compared to binary, see http://tools.ietf.org/html/rfc4880#page-53) + public static final String EXTRA_REQUEST_ASCII_ARMOR = "ascii_armor"; + + // ENCRYPT, SIGN_AND_ENCRYPT + public static final String EXTRA_USER_IDS = "user_ids"; + public static final String EXTRA_KEY_IDS = "key_ids"; + // optional extras: + public static final String EXTRA_PASSPHRASE = "passphrase"; + public static final String EXTRA_ORIGINAL_FILENAME = "original_filename"; + + // internal NFC states + public static final String EXTRA_NFC_SIGNED_HASH = "nfc_signed_hash"; + public static final String EXTRA_NFC_SIG_CREATION_TIMESTAMP = "nfc_sig_creation_timestamp"; + public static final String EXTRA_NFC_DECRYPTED_SESSION_KEY = "nfc_decrypted_session_key"; + + // GET_KEY + public static final String EXTRA_KEY_ID = "key_id"; + public static final String RESULT_KEY_IDS = "key_ids"; + + /* Service Intent returns */ + public static final String RESULT_CODE = "result_code"; + + // get actual error object from RESULT_ERROR + public static final int RESULT_CODE_ERROR = 0; + // success! 
+ public static final int RESULT_CODE_SUCCESS = 1; + // get PendingIntent from RESULT_INTENT, start PendingIntent with startIntentSenderForResult, + // and execute service method again in onActivityResult + public static final int RESULT_CODE_USER_INTERACTION_REQUIRED = 2; + + public static final String RESULT_ERROR = "error"; + public static final String RESULT_INTENT = "intent"; + + // DECRYPT_VERIFY + public static final String RESULT_SIGNATURE = "signature"; + public static final String RESULT_METADATA = "metadata"; + + IOpenPgpService mService; + Context mContext; + + public OpenPgpApi(Context context, IOpenPgpService service) { + this.mContext = context; + this.mService = service; + } + + public interface IOpenPgpCallback { + void onReturn(final Intent result); + } + + private class OpenPgpAsyncTask extends AsyncTask<Void, Integer, Intent> { + Intent data; + InputStream is; + OutputStream os; + IOpenPgpCallback callback; + + private OpenPgpAsyncTask(Intent data, InputStream is, OutputStream os, IOpenPgpCallback callback) { + this.data = data; + this.is = is; + this.os = os; + this.callback = callback; + } + + @Override + protected Intent doInBackground(Void... unused) { + return executeApi(data, is, os); + } + + protected void onPostExecute(Intent result) { + callback.onReturn(result); + } + + } + + @TargetApi(Build.VERSION_CODES.HONEYCOMB) + public void executeApiAsync(Intent data, InputStream is, OutputStream os, IOpenPgpCallback callback) { + OpenPgpAsyncTask task = new OpenPgpAsyncTask(data, is, os, callback); + + // don't serialize async tasks! 
+ // http://commonsware.com/blog/2012/04/20/asynctask-threading-regression-confirmed.html + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.HONEYCOMB) { + task.executeOnExecutor(AsyncTask.THREAD_POOL_EXECUTOR, (Void[]) null); + } else { + task.execute((Void[]) null); + } + } + + public Intent executeApi(Intent data, InputStream is, OutputStream os) { + try { + data.putExtra(EXTRA_API_VERSION, OpenPgpApi.API_VERSION); + + Intent result; + + // pipe the input and output + ParcelFileDescriptor input = null; + if (is != null) { + input = ParcelFileDescriptorUtil.pipeFrom(is, + new ParcelFileDescriptorUtil.IThreadListener() { + + @Override + public void onThreadFinished(Thread thread) { + //Log.d(OpenPgpApi.TAG, "Copy to service finished"); + } + } + ); + } + ParcelFileDescriptor output = null; + if (os != null) { + output = ParcelFileDescriptorUtil.pipeTo(os, + new ParcelFileDescriptorUtil.IThreadListener() { + + @Override + public void onThreadFinished(Thread thread) { + //Log.d(OpenPgpApi.TAG, "Service finished writing!"); + } + } + ); + } + + // blocks until result is ready + result = mService.execute(data, input, output); + // close() is required to halt the TransferThread + if (output != null) { + output.close(); + } + // TODO: close input? + + // set class loader to current context to allow unparcelling + // of OpenPgpError and OpenPgpSignatureResult + // http://stackoverflow.com/a/3806769 + result.setExtrasClassLoader(mContext.getClassLoader()); + + return result; + } catch (Exception e) { + Log.e(OpenPgpApi.TAG, "Exception in executeApi call", e); + Intent result = new Intent(); + result.putExtra(RESULT_CODE, RESULT_CODE_ERROR); + result.putExtra(RESULT_ERROR, + new OpenPgpError(OpenPgpError.CLIENT_SIDE_ERROR, e.getMessage())); + return result; + } + } + +} 
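Review bot: In `executeApi` neither pipe descriptor is released on the failure path: `output.close()` runs only after `mService.execute` returns normally, and `input` is never closed at all (the `// TODO: close input?` marks it). If `execute` or `pipeTo` throws, the catch-all builds the error Intent while the pipe ends stay open, so the transfer thread reading the output pipe presumably keeps waiting for end-of-stream and each failed call leaves descriptors behind. Moving both closes into a `finally` block covers the success and the error path alike. The catch also forwards `e.getMessage()`, which can be null, into `OpenPgpError`.

```java
ParcelFileDescriptor input = null;
ParcelFileDescriptor output = null;
try {
    // … unchanged: EXTRA_API_VERSION extra; pipeFrom(is, …) / pipeTo(os, …) assigned to input / output …
    Intent result = mService.execute(data, input, output);
    // … unchanged: setExtrasClassLoader …
    return result;
} catch (Exception e) {
    // … unchanged: log and build the RESULT_CODE_ERROR intent …
} finally {
    // closing the write side is what lets the output TransferThread see end-of-stream
    if (output != null) {
        try {
            output.close();
        } catch (java.io.IOException ignored) {
            // best effort: the result Intent has already been built
        }
    }
    if (input != null) {
        try {
            input.close();
        } catch (java.io.IOException ignored) {
            // best effort: the service holds its own copy of the descriptor
        }
    }
}
```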
diff --git a/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpListPreference.java b/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpListPreference.java new file mode 100644 index 00000000..cf586462 --- /dev/null +++ b/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpListPreference.java 
@@ -0,0 +1,257 @@ +/* + * Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.openintents.openpgp.util; + +import android.app.AlertDialog.Builder; +import android.content.Context; +import android.content.DialogInterface; +import android.content.Intent; +import android.content.pm.ResolveInfo; +import android.content.res.TypedArray; +import android.graphics.drawable.Drawable; +import android.net.Uri; +import android.preference.DialogPreference; +import android.util.AttributeSet; +import android.view.View; +import android.view.ViewGroup; +import android.widget.ArrayAdapter; +import android.widget.ListAdapter; +import android.widget.TextView; +import org.openintents.openpgp.R; + +import java.util.ArrayList; +import java.util.List; + +/** + * Does not extend ListPreference, but is very similar to it! 
+ * http://grepcode.com/file_/repository.grepcode.com/java/ext/com.google.android/android/4.4_r1/android/preference/ListPreference.java/?v=source + */ +public class OpenPgpListPreference extends DialogPreference { + private static final String OPENKEYCHAIN_PACKAGE = "org.sufficientlysecure.keychain"; + private static final String MARKET_INTENT_URI_BASE = "market://details?id=%s"; + private static final Intent MARKET_INTENT = new Intent(Intent.ACTION_VIEW, Uri.parse( + String.format(MARKET_INTENT_URI_BASE, OPENKEYCHAIN_PACKAGE))); + + private ArrayList<OpenPgpProviderEntry> mLegacyList = new ArrayList<OpenPgpProviderEntry>(); + private ArrayList<OpenPgpProviderEntry> mList = new ArrayList<OpenPgpProviderEntry>(); + + private String mSelectedPackage; + + public OpenPgpListPreference(Context context, AttributeSet attrs) { + super(context, attrs); + } + + public OpenPgpListPreference(Context context) { + this(context, null); + } + + /** + * Public method to add new entries for legacy applications + * + * @param packageName + * @param simpleName + * @param icon + */ + public void addLegacyProvider(int position, String packageName, String simpleName, Drawable icon) { + mLegacyList.add(position, new OpenPgpProviderEntry(packageName, simpleName, icon)); + } + + @Override + protected void onPrepareDialogBuilder(Builder builder) { + mList.clear(); + + // add "none"-entry + mList.add(0, new OpenPgpProviderEntry("", + getContext().getString(R.string.openpgp_list_preference_none), + getContext().getResources().getDrawable(R.drawable.ic_action_cancel_launchersize))); + + // add all additional (legacy) providers + mList.addAll(mLegacyList); + + // search for OpenPGP providers... 
+ ArrayList<OpenPgpProviderEntry> providerList = new ArrayList<OpenPgpProviderEntry>(); + Intent intent = new Intent(OpenPgpApi.SERVICE_INTENT); + List<ResolveInfo> resInfo = getContext().getPackageManager().queryIntentServices(intent, 0); + if (!resInfo.isEmpty()) { + for (ResolveInfo resolveInfo : resInfo) { + if (resolveInfo.serviceInfo == null) + continue; + + String packageName = resolveInfo.serviceInfo.packageName; + String simpleName = String.valueOf(resolveInfo.serviceInfo.loadLabel(getContext() + .getPackageManager())); + Drawable icon = resolveInfo.serviceInfo.loadIcon(getContext().getPackageManager()); + + providerList.add(new OpenPgpProviderEntry(packageName, simpleName, icon)); + } + } + + if (providerList.isEmpty()) { + // add install links if provider list is empty + resInfo = getContext().getPackageManager().queryIntentActivities + (MARKET_INTENT, 0); + for (ResolveInfo resolveInfo : resInfo) { + Intent marketIntent = new Intent(MARKET_INTENT); + marketIntent.setPackage(resolveInfo.activityInfo.packageName); + Drawable icon = resolveInfo.activityInfo.loadIcon(getContext().getPackageManager()); + String marketName = String.valueOf(resolveInfo.activityInfo.applicationInfo + .loadLabel(getContext().getPackageManager())); + String simpleName = String.format(getContext().getString(R.string + .openpgp_install_openkeychain_via), marketName); + mList.add(new OpenPgpProviderEntry(OPENKEYCHAIN_PACKAGE, simpleName, + icon, marketIntent)); + } + } else { + // add provider + mList.addAll(providerList); + } + + // Init ArrayAdapter with OpenPGP Providers + ListAdapter adapter = new ArrayAdapter<OpenPgpProviderEntry>(getContext(), + android.R.layout.select_dialog_singlechoice, android.R.id.text1, mList) { + public View getView(int position, View convertView, ViewGroup parent) { + // User super class to create the View + View v = super.getView(position, convertView, parent); + TextView tv = (TextView) v.findViewById(android.R.id.text1); + + // Put the image on the 
TextView + tv.setCompoundDrawablesWithIntrinsicBounds(mList.get(position).icon, null, + null, null); + + // Add margin between image and text (support various screen densities) + int dp10 = (int) (10 * getContext().getResources().getDisplayMetrics().density + 0.5f); + tv.setCompoundDrawablePadding(dp10); + + return v; + } + }; + + builder.setSingleChoiceItems(adapter, getIndexOfProviderList(getValue()), + new DialogInterface.OnClickListener() { + + @Override + public void onClick(DialogInterface dialog, int which) { + OpenPgpProviderEntry entry = mList.get(which); + + if (entry.intent != null) { + /* + * Intents are called as activity + * + * Current approach is to assume the user installed the app. + * If he does not, the selected package is not valid. + * + * However applications should always consider this could happen, + * as the user might remove the currently used OpenPGP app. + */ + getContext().startActivity(entry.intent); + } + + mSelectedPackage = entry.packageName; + + /* + * Clicking on an item simulates the positive button click, and dismisses + * the dialog. + */ + OpenPgpListPreference.this.onClick(dialog, DialogInterface.BUTTON_POSITIVE); + dialog.dismiss(); + } + }); + + /* + * The typical interaction for list-based dialogs is to have click-on-an-item dismiss the + * dialog instead of the user having to press 'Ok'. 
+ */ + builder.setPositiveButton(null, null); + } + + @Override + protected void onDialogClosed(boolean positiveResult) { + super.onDialogClosed(positiveResult); + + if (positiveResult && (mSelectedPackage != null)) { + if (callChangeListener(mSelectedPackage)) { + setValue(mSelectedPackage); + } + } + } + + private int getIndexOfProviderList(String packageName) { + for (OpenPgpProviderEntry app : mList) { + if (app.packageName.equals(packageName)) { + return mList.indexOf(app); + } + } + + return -1; + } + + public void setValue(String packageName) { + mSelectedPackage = packageName; + persistString(packageName); + } + + public String getValue() { + return mSelectedPackage; + } + + public String getEntry() { + return getEntryByValue(mSelectedPackage); + } + + @Override + protected Object onGetDefaultValue(TypedArray a, int index) { + return a.getString(index); + } + + @Override + protected void onSetInitialValue(boolean restoreValue, Object defaultValue) { + setValue(restoreValue ? getPersistedString(mSelectedPackage) : (String) defaultValue); + } + + public String getEntryByValue(String packageName) { + for (OpenPgpProviderEntry app : mList) { + if (app.packageName.equals(packageName)) { + return app.simpleName; + } + } + + return null; + } + + private static class OpenPgpProviderEntry { + private String packageName; + private String simpleName; + private Drawable icon; + private Intent intent; + + public OpenPgpProviderEntry(String packageName, String simpleName, Drawable icon) { + this.packageName = packageName; + this.simpleName = simpleName; + this.icon = icon; + } + + public OpenPgpProviderEntry(String packageName, String simpleName, Drawable icon, Intent intent) { + this(packageName, simpleName, icon); + this.intent = intent; + } + + @Override + public String toString() { + return simpleName; + } + } +} 
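Review bot: The provider list built in `onPrepareDialogBuilder` is not authenticated: `queryIntentServices(intent, 0)` returns every installed package that declares a filter for `OpenPgpApi.SERVICE_INTENT`, and the name and icon shown to the user come from that package's own `loadLabel`/`loadIcon`. Nothing in this file checks the signer of the chosen package before `setValue` persists it, and the dialog shows only `simpleName`, never `packageName`. The persisted value is presumably what the client later passes to `OpenPgpServiceConnection`, so the selected app ends up receiving the request Intent and the data streams. I would document this above the class, e.g. `// Entries are self-declared by installed apps; the signer is not verified here.`, and show `packageName` next to the label so entries with the same display name can be told apart.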
diff --git a/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpServiceConnection.java b/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpServiceConnection.java new file mode 100644 index 00000000..15096d9e --- /dev/null +++ b/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpServiceConnection.java 
@@ -0,0 +1,124 @@ +/* + * Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.openintents.openpgp.util; + +import android.content.ComponentName; +import android.content.Context; +import android.content.Intent; +import android.content.ServiceConnection; +import android.os.IBinder; + +import org.openintents.openpgp.IOpenPgpService; + +public class OpenPgpServiceConnection { + + // callback interface + public interface OnBound { + public void onBound(IOpenPgpService service); + + public void onError(Exception e); + } + + private Context mApplicationContext; + + private IOpenPgpService mService; + private String mProviderPackageName; + + private OnBound mOnBoundListener; + + /** + * Create new connection + * + * @param context + * @param providerPackageName specify package name of OpenPGP provider, + * e.g., "org.sufficientlysecure.keychain" + */ + public OpenPgpServiceConnection(Context context, String providerPackageName) { + this.mApplicationContext = context.getApplicationContext(); + this.mProviderPackageName = providerPackageName; + } + + /** + * Create new connection with callback + * + * @param context + * @param providerPackageName specify package name of OpenPGP provider, + * e.g., "org.sufficientlysecure.keychain" + * @param onBoundListener callback, executed when connection to service has been established + */ + public OpenPgpServiceConnection(Context context, String 
providerPackageName, + OnBound onBoundListener) { + this(context, providerPackageName); + this.mOnBoundListener = onBoundListener; + } + + public IOpenPgpService getService() { + return mService; + } + + public boolean isBound() { + return (mService != null); + } + + private ServiceConnection mServiceConnection = new ServiceConnection() { + public void onServiceConnected(ComponentName name, IBinder service) { + mService = IOpenPgpService.Stub.asInterface(service); + if (mOnBoundListener != null) { + mOnBoundListener.onBound(mService); + } + } + + public void onServiceDisconnected(ComponentName name) { + mService = null; + } + }; + + /** + * If not already bound, bind to service! + * + * @return + */ + public void bindToService() { + // if not already bound... + if (mService == null) { + try { + Intent serviceIntent = new Intent(OpenPgpApi.SERVICE_INTENT); + // NOTE: setPackage is very important to restrict the intent to this provider only! + serviceIntent.setPackage(mProviderPackageName); + boolean connect = mApplicationContext.bindService(serviceIntent, mServiceConnection, + Context.BIND_AUTO_CREATE); + if (!connect) { + throw new Exception("bindService() returned false!"); + } + } catch (Exception e) { + if (mOnBoundListener != null) { + mOnBoundListener.onError(e); + } + } + } else { + // already bound, but also inform client about it with callback + if (mOnBoundListener != null) { + mOnBoundListener.onBound(mService); + } + } + } + + public void unbindFromService() { + mApplicationContext.unbindService(mServiceConnection); + } + +} diff --git a/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpUtils.java b/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpUtils.java new file mode 100644 index 00000000..416b2841 --- /dev/null +++ b/libs/openpgp-api-lib/src/org/openintents/openpgp/util/OpenPgpUtils.java 
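Review bot: `bindToService` relies on `serviceIntent.setPackage(mProviderPackageName)` to pin the provider, but the constructor stores `providerPackageName` unchecked, and `Intent.setPackage(null)` lifts the restriction instead of failing. With a null name the bind goes out as an implicit intent for `OpenPgpApi.SERVICE_INTENT`, so which service answers is left to the platform's resolution. A guard as the first statement of the `try`, such as `if (mProviderPackageName == null || mProviderPackageName.length() == 0) throw new IllegalArgumentException("no OpenPGP provider package set");`, routes this to `onError` like the other failures. `unbindFromService` also leaves `mService` set, so `isBound()` keeps returning true after an unbind; adding `mService = null;` after the `unbindService` call fixes that.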
@@ -0,0 +1,76 @@ +/* + * Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.openintents.openpgp.util; + +import java.util.List; +import java.util.Locale; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import android.content.Context; +import android.content.Intent; +import android.content.pm.ResolveInfo; + +public class OpenPgpUtils { + + public static final Pattern PGP_MESSAGE = Pattern.compile( + ".*?(-----BEGIN PGP MESSAGE-----.*?-----END PGP MESSAGE-----).*", + Pattern.DOTALL); + + public static final Pattern PGP_SIGNED_MESSAGE = Pattern.compile( + ".*?(-----BEGIN PGP SIGNED MESSAGE-----.*?-----BEGIN PGP SIGNATURE-----.*?-----END PGP SIGNATURE-----).*", + Pattern.DOTALL); + + public static final int PARSE_RESULT_NO_PGP = -1; + public static final int PARSE_RESULT_MESSAGE = 0; + public static final int PARSE_RESULT_SIGNED_MESSAGE = 1; + + public static int parseMessage(String message) { + Matcher matcherSigned = PGP_SIGNED_MESSAGE.matcher(message); + Matcher matcherMessage = PGP_MESSAGE.matcher(message); + + if (matcherMessage.matches()) { + return PARSE_RESULT_MESSAGE; + } else if (matcherSigned.matches()) { + return PARSE_RESULT_SIGNED_MESSAGE; + } else { + return PARSE_RESULT_NO_PGP; + } + } + + public static boolean isAvailable(Context context) { + Intent intent = new Intent(OpenPgpApi.SERVICE_INTENT); + List<ResolveInfo> resInfo = 
context.getPackageManager().queryIntentServices(intent, 0); + if (!resInfo.isEmpty()) { + return true; + } else { + return false; + } + } + + public static String convertKeyIdToHex(long keyId) { + return "0x" + convertKeyIdToHex32bit(keyId >> 32) + convertKeyIdToHex32bit(keyId); + } + + private static String convertKeyIdToHex32bit(long keyId) { + String hexString = Long.toHexString(keyId & 0xffffffffL).toLowerCase(Locale.ENGLISH); + while (hexString.length() < 8) { + hexString = "0" + hexString; + } + return hexString; + } +} diff --git a/libs/openpgp-api-lib/src/org/openintents/openpgp/util/ParcelFileDescriptorUtil.java b/libs/openpgp-api-lib/src/org/openintents/openpgp/util/ParcelFileDescriptorUtil.java new file mode 100644 index 00000000..4fd4b39a --- /dev/null +++ b/libs/openpgp-api-lib/src/org/openintents/openpgp/util/ParcelFileDescriptorUtil.java 
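Review bot: `parseMessage` hands `message` straight to `Pattern.matcher`, so a null body throws NullPointerException instead of yielding `PARSE_RESULT_NO_PGP`; `if (message == null) return PARSE_RESULT_NO_PGP;` as the first statement covers it. Both patterns are also run with `matches()` over the whole text, with lazy `.*?` between the armor markers under `DOTALL`, so the work grows faster than linearly on long inputs that hold opening markers without a closing one. If the text comes from a remote peer (the callers are not in this hunk), a length cap before matching is worth adding. The method also deserves a Javadoc stating that it only classifies by armor markers, e.g. `/** Detects ASCII-armor markers only; PARSE_RESULT_SIGNED_MESSAGE does not mean the signature was checked. */`.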
@@ -0,0 +1,106 @@ +/* + * Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de> + * 2013 Florian Schmaus <flo@geekplace.eu> + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.openintents.openpgp.util; + +import android.os.ParcelFileDescriptor; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; + +/** + * Partially based on <a href="http://stackoverflow.com/questions/18212152/">Stackoverflow: Transfer InputStream to another Service (across process boundaries)</a> + **/ +public class ParcelFileDescriptorUtil { + + public interface IThreadListener { + void onThreadFinished(final Thread thread); + } + + public static ParcelFileDescriptor pipeFrom(InputStream inputStream, IThreadListener listener) + throws IOException { + ParcelFileDescriptor[] pipe = ParcelFileDescriptor.createPipe(); + ParcelFileDescriptor readSide = pipe[0]; + ParcelFileDescriptor writeSide = pipe[1]; + + // start the transfer thread + new TransferThread(inputStream, new ParcelFileDescriptor.AutoCloseOutputStream(writeSide), + listener) + .start(); + + return readSide; + } + + public static ParcelFileDescriptor pipeTo(OutputStream outputStream, IThreadListener listener) + throws IOException { + ParcelFileDescriptor[] pipe = ParcelFileDescriptor.createPipe(); + ParcelFileDescriptor readSide = pipe[0]; + ParcelFileDescriptor writeSide = pipe[1]; + + // start the transfer thread + new TransferThread(new 
ParcelFileDescriptor.AutoCloseInputStream(readSide), outputStream, + listener) + .start(); + + return writeSide; + } + + static class TransferThread extends Thread { + final InputStream mIn; + final OutputStream mOut; + final IThreadListener mListener; + + TransferThread(InputStream in, OutputStream out, IThreadListener listener) { + super("ParcelFileDescriptor Transfer Thread"); + mIn = in; + mOut = out; + mListener = listener; + setDaemon(true); + } + + @Override + public void run() { + byte[] buf = new byte[1024]; + int len; + + try { + while ((len = mIn.read(buf)) > 0) { + mOut.write(buf, 0, len); + } + mOut.flush(); // just to be safe + } catch (IOException e) { + //Log.e(OpenPgpApi.TAG, "TransferThread" + getId() + ": writing failed", e); + } finally { + try { + mIn.close(); + } catch (IOException e) { + //Log.e(OpenPgpApi.TAG, "TransferThread" + getId(), e); + } + try { + mOut.close(); + } catch (IOException e) { + //Log.e(OpenPgpApi.TAG, "TransferThread" + getId(), e); + } + } + if (mListener != null) { + //Log.d(OpenPgpApi.TAG, "TransferThread " + getId() + " finished!"); + mListener.onThreadFinished(this); + } + } + } +} diff --git a/libs/otr4j-0.10.jar b/libs/otr4j-0.10.jar Binary files differdeleted file mode 100644 index d4fc3a91..00000000 --- a/libs/otr4j-0.10.jar +++ /dev/null |
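Review bot: `TransferThread.run` discards every IOException (the only handling is a commented-out `Log.e`) and then calls `onThreadFinished` exactly as it does after a complete copy, so a broken pipe or a failing `OutputStream` cannot be told apart from success. For the caller in `OpenPgpApi.executeApi` this means a result Intent reporting success can sit next to truncated output, which matters when the stream carries decrypted or signed data. At minimum restore the log call (it needs the `android.util.Log` import), `Log.e(OpenPgpApi.TAG, "TransferThread " + getId() + ": copy failed", e);`, and ideally keep the exception in a field the caller can inspect. `pipeTo` also drops the thread reference, so `executeApi` has no way to wait until the last bytes have reached `os` before it returns; that looks like a race worth confirming.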