cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' into v/multi-decrypt

Browse Source
This commit is contained in:
Vincent Breitmoser
2015-06-26 15:40:38 +02:00
parent 4f23161d93 56ef0f320b
commit 0077891f1d
5 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
OpenKeychain/src/debug/res/values/strings.xml Normal file
View File

@@ -0,0 +1,4 @@
<?xml version="1.0" encoding="utf-8"?>
<resources>
<string name="app_name">"OpenKeychain (Debug)"</string>
</resources>

2
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java
View File

@@ -23,6 +23,8 @@ import org.spongycastle.bcpg.HashAlgorithmTags;
import org.spongycastle.bcpg.SymmetricKeyAlgorithmTags; import org.spongycastle.bcpg.SymmetricKeyAlgorithmTags;
import org.spongycastle.jce.provider.BouncyCastleProvider; import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.sufficientlysecure.keychain.BuildConfig;
import java.io.File; import java.io.File;
public final class Constants { public final class Constants {

1
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java
View File

@@ -34,6 +34,7 @@ import android.widget.Toast;
import org.spongycastle.jce.provider.BouncyCastleProvider; import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.sufficientlysecure.keychain.provider.TemporaryStorageProvider; import org.sufficientlysecure.keychain.provider.TemporaryStorageProvider;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.ui.ConsolidateDialogActivity; import org.sufficientlysecure.keychain.ui.ConsolidateDialogActivity;
import org.sufficientlysecure.keychain.util.Log; import org.sufficientlysecure.keychain.util.Log;
import org.sufficientlysecure.keychain.util.PRNGFixes; import org.sufficientlysecure.keychain.util.PRNGFixes;

23
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/RemoteService.java
View File

@@ -17,6 +17,7 @@
package org.sufficientlysecure.keychain.remote; package org.sufficientlysecure.keychain.remote;
import android.annotation.SuppressLint;
import android.app.PendingIntent; import android.app.PendingIntent;
import android.app.Service; import android.app.Service;
import android.content.Context; import android.content.Context;
@@ -65,12 +66,11 @@ public abstract class RemoteService extends Service {
/** /**
* Checks if caller is allowed to access the API * Checks if caller is allowed to access the API
* *
* @param data
* @return null if caller is allowed, or a Bundle with a PendingIntent * @return null if caller is allowed, or a Bundle with a PendingIntent
*/ */
protected Intent isAllowed(Intent data) { protected Intent isAllowed(Intent data) {
try { try {
if (isCallerAllowed(false)) { if (isCallerAllowed()) {
return null; return null;
} else { } else {
String packageName = getCurrentCallingPackage(); String packageName = getCurrentCallingPackage();
@@ -130,8 +130,8 @@ public abstract class RemoteService extends Service {
} }
private byte[] getPackageCertificate(String packageName) throws NameNotFoundException { private byte[] getPackageCertificate(String packageName) throws NameNotFoundException {
PackageInfo pkgInfo = getPackageManager().getPackageInfo(packageName, @SuppressLint("PackageManagerGetSignatures") // we do check the byte array of *all* signatures
PackageManager.GET_SIGNATURES); PackageInfo pkgInfo = getPackageManager().getPackageInfo(packageName, PackageManager.GET_SIGNATURES);
// NOTE: Silly Android API naming: Signatures are actually certificates // NOTE: Silly Android API naming: Signatures are actually certificates
Signature[] certificates = pkgInfo.signatures; Signature[] certificates = pkgInfo.signatures;
ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
@@ -211,22 +211,15 @@ public abstract class RemoteService extends Service {
* Checks if process that binds to this service (i.e. the package name corresponding to the * Checks if process that binds to this service (i.e. the package name corresponding to the
* process) is in the list of allowed package names. * process) is in the list of allowed package names.
* *
* @param allowOnlySelf allow only Keychain app itself
* @return true if process is allowed to use this service * @return true if process is allowed to use this service
* @throws WrongPackageCertificateException * @throws WrongPackageCertificateException
*/ */
private boolean isCallerAllowed(boolean allowOnlySelf) throws WrongPackageCertificateException { private boolean isCallerAllowed() throws WrongPackageCertificateException {
return isUidAllowed(Binder.getCallingUid(), allowOnlySelf); return isUidAllowed(Binder.getCallingUid());
} }
private boolean isUidAllowed(int uid, boolean allowOnlySelf) private boolean isUidAllowed(int uid)
throws WrongPackageCertificateException { throws WrongPackageCertificateException {
if (android.os.Process.myUid() == uid) {
return true;
}
if (allowOnlySelf) { // barrier
return false;
}
String[] callingPackages = getPackageManager().getPackagesForUid(uid); String[] callingPackages = getPackageManager().getPackagesForUid(uid);
@@ -237,7 +230,7 @@ public abstract class RemoteService extends Service {
} }
} }
Log.d(Constants.TAG, "Uid is NOT allowed!"); Log.e(Constants.TAG, "Uid is NOT allowed!");
return false; return false;
} }

2
OpenKeychain/src/test/java/org/sufficientlysecure/keychain/WorkaroundBuildConfig.java
View File

@@ -1,5 +1,7 @@
package org.sufficientlysecure.keychain; package org.sufficientlysecure.keychain;
import org.sufficientlysecure.keychain.BuildConfig;
/** /**
* Temporary workaround for https://github.com/robolectric/robolectric/issues/1747 * Temporary workaround for https://github.com/robolectric/robolectric/issues/1747
*/ */