author | pacien | 2018-08-07 01:08:22 +0200 |
---|---|---|
committer | pacien | 2018-08-07 01:08:22 +0200 |
commit | 9d8846e105904b31478ed19d3a34c0d62708abcf (patch) | |
tree | 1b2bcaa01751d2f681e8ff847bc7cc57b42fa85e /app/src/main/java/org/pacien/tincapp/utils | |
parent | 20dce2236257a002a1f143ee4115e1849178ac78 (diff) | |
Revert "Rename source directory"
This reverts commit dbba24e
Diffstat (limited to 'app/src/main/java/org/pacien/tincapp/utils')
3 files changed, 187 insertions, 0 deletions
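--- /dev/null
+++ b/app/src/main/java/org/pacien/tincapp/utils/PemUtils.kt
@@ -0,0 +1,94 @@
+/*
+* Tinc App, an Android binding and user interface for the tinc mesh VPN daemon
+* Copyright (C) 2017-2018 Pacien TRAN-GIRARD
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <https://www.gnu.org/licenses/>.
+*/
+
+package org.pacien.tincapp.utils
+
+import org.bouncycastle.openssl.PEMException
+import org.bouncycastle.openssl.PEMParser
+import org.bouncycastle.openssl.jcajce.JcaPEMWriter
+import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder
+import org.bouncycastle.openssl.jcajce.JcePEMEncryptorBuilder
+import org.bouncycastle.util.encoders.Hex
+import org.bouncycastle.util.io.pem.PemHeader
+import org.bouncycastle.util.io.pem.PemObject
+import java.io.File
+import java.io.FileReader
+import java.io.Writer
+
+/**
+* @author pacien
+*/
+object PemUtils {
+private const val DEK_INFO_HEADER_KEY = "DEK-Info"
+private const val ALGORITHM = "AES-256-CBC"
+private val PROVIDER = org.bouncycastle.jce.provider.BouncyCastleProvider()
+private val ENCRYPTED_PROC_TYPE_HEADER = PemHeader("Proc-Type", "4,ENCRYPTED")
+
+private class DekInfo(val algName: String, val iv: ByteArray)
+
+private fun dekInfoHeader(iv: ByteArray) = PemHeader(DEK_INFO_HEADER_KEY, "$ALGORITHM,${Hex.toHexString(iv)}")
+
+private fun PemObject.getPemHeaders() = headers.map { headerObj -> headerObj as PemHeader }
+
+private fun PemObject.dekInfo() = try {
+getPemHeaders()
+.find { header -> header.name == DEK_INFO_HEADER_KEY }!!
+.value!!
+.split(',')
+.let { headerParts -> DekInfo(headerParts[0], Hex.decode(headerParts[1])) }
+} catch (e: Exception) {
+throw PEMException("Malformed DEK-Info header.", e)
+}
+
+private fun encryptor(passPhrase: String) =
+JcePEMEncryptorBuilder(ALGORITHM)
+.setProvider(PROVIDER)
+.build(passPhrase.toCharArray())!!
+
+private fun decryptor(algName: String, passPhrase: String?) =
+JcePEMDecryptorProviderBuilder()
+.setProvider(PROVIDER)
+.build(passPhrase?.toCharArray())
+.get(algName)!!
+
+fun read(f: File) = PEMParser(FileReader(f)).readPemObject()!!
+
+fun write(obj: PemObject, out: Writer) =
+JcaPEMWriter(out)
+.apply { writeObject(obj) }
+.apply { close() }
+
+fun isEncrypted(obj: PemObject) = obj.headers.contains(ENCRYPTED_PROC_TYPE_HEADER)
+
+fun encrypt(obj: PemObject, passPhrase: String): PemObject {
+val encryptor = encryptor(passPhrase)
+val headers = listOf(ENCRYPTED_PROC_TYPE_HEADER, dekInfoHeader(encryptor.iv))
+val body = encryptor.encrypt(obj.content)
+return PemObject(obj.type, headers, body)
+}
+
+fun decrypt(obj: PemObject, passPhrase: String?): PemObject =
+if (isEncrypted(obj)) {
+val dekInfo = obj.dekInfo()
+val decryptor = decryptor(dekInfo.algName, passPhrase)
+val body = decryptor.decrypt(obj.content, dekInfo.iv)
+PemObject(obj.type, body)
+} else {
+obj
+}
+}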
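Review bot: `read` never closes the `PEMParser`/`FileReader` it opens, and its `!!` turns a file containing no PEM block into a `NullPointerException` instead of the `PEMException` this object otherwise uses for malformed input. Suggest `fun read(f: File): PemObject = PEMParser(FileReader(f)).use { it.readPemObject() } ?: throw PEMException("No PEM object found.")`, so the descriptor on the private-key file is released promptly and callers have one exception type to handle. Separately, `decrypt` takes the cipher name from the file's own DEK-Info header and does not compare it with `ALGORITHM`. A short KDoc on `encrypt`/`decrypt` should state which algorithms are meant to be accepted and that this legacy Proc-Type/DEK-Info format carries no integrity check over the ciphertext.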
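--- /dev/null
+++ b/app/src/main/java/org/pacien/tincapp/utils/ProgressModal.kt
@@ -0,0 +1,49 @@
+/*
+* Tinc App, an Android binding and user interface for the tinc mesh VPN daemon
+* Copyright (C) 2017-2018 Pacien TRAN-GIRARD
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <https://www.gnu.org/licenses/>.
+*/
+
+package org.pacien.tincapp.utils
+
+import android.annotation.SuppressLint
+import android.app.Activity
+import android.support.v7.app.AlertDialog
+import android.view.LayoutInflater
+import android.view.View
+import android.widget.TextView
+import org.pacien.tincapp.R
+
+/**
+* An indefinite progress dialog replacing the deprecated `android.app.ProgressDialog`.
+*
+* @author pacien
+*/
+object ProgressModal {
+fun show(context: Activity, text: String): AlertDialog {
+return AlertDialog.Builder(context)
+.setView(newDialogView(context.layoutInflater, text))
+.setCancelable(false)
+.show()
+}
+
+@SuppressLint("InflateParams")
+private fun newDialogView(inflater: LayoutInflater, text: String): View {
+val view = inflater.inflate(R.layout.common_progress_dialog, null)
+val textView: TextView = view.findViewById(R.id.common_progress_dialog_text)
+textView.text = text
+return view
+}
+}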
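--- /dev/null
+++ b/app/src/main/java/org/pacien/tincapp/utils/TincKeyring.kt
@@ -0,0 +1,44 @@
+/*
+* Tinc App, an Android binding and user interface for the tinc mesh VPN daemon
+* Copyright (C) 2017-2018 Pacien TRAN-GIRARD
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <https://www.gnu.org/licenses/>.
+*/
+
+package org.pacien.tincapp.utils
+
+import android.os.ParcelFileDescriptor
+import org.pacien.tincapp.commands.TincApp
+import java.io.File
+import java.io.FileNotFoundException
+
+/**
+* @author pacien
+*/
+object TincKeyring {
+fun needsPassphrase(netName: String) = try {
+TincApp.listPrivateKeys(netName).filter { it.exists() }.any { PemUtils.isEncrypted(PemUtils.read(it)) }
+} catch (e: FileNotFoundException) {
+false
+}
+
+fun openPrivateKey(f: File?, passphrase: String?): ParcelFileDescriptor? {
+if (f == null || !f.exists() || passphrase == null) return null
+val pipe = ParcelFileDescriptor.createPipe()
+val decryptedKey = PemUtils.decrypt(PemUtils.read(f), passphrase)
+val outputStream = ParcelFileDescriptor.AutoCloseOutputStream(pipe[1])
+PemUtils.write(decryptedKey, outputStream.writer())
+return pipe[0]
+}
+}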
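Review bot: In `openPrivateKey` the pipe is created before `PemUtils.decrypt(...)` runs, so any exception from reading or decrypting the key (a wrong passphrase is presumably the common case) leaves both pipe descriptors open with nothing left to close them. Decrypt first and create the pipe afterwards, i.e. `val decryptedKey = PemUtils.decrypt(PemUtils.read(f), passphrase)` followed by `val pipe = ParcelFileDescriptor.createPipe()`, and ideally close `pipe[0]` if the write itself fails. The whole decrypted key is written before the read end is handed back, which relies on the PEM fitting in the pipe buffer; a comment stating that assumption would help. `needsPassphrase` catches only `FileNotFoundException`, so a malformed key file still propagates whatever `PemUtils.read` throws, which is worth handling or documenting.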