cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Better API demo, open activity from service, discover crypto provider with packagemanager instead of register intent

Browse Source
This commit is contained in:
Dominik Schürmann
2013-06-17 15:52:09 +02:00
parent f6fc6caa1c
commit 41338e115c
16 changed files with 916 additions and 313 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
OpenPGP-Keychain/src/org/openintents/crypto/CryptoServiceConnection.java
View File

@@ -69,7 +69,7 @@ public class CryptoServiceConnection {
Intent serviceIntent = new Intent();
serviceIntent.setAction("org.openintents.crypto.ICryptoService");
serviceIntent.setPackage(cryptoProviderPackageName); // TODO: test
serviceIntent.setPackage(cryptoProviderPackageName);
mApplicationContext.bindService(serviceIntent, mCryptoServiceConnection,
Context.BIND_AUTO_CREATE);

121
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/crypto_provider/CryptoActivity.java
View File

@@ -1,19 +1,36 @@
/*
* Copyright (C) 2013 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.crypto_provider;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.Id;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.helper.PgpMain;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.ui.dialog.PassphraseDialogFragment;
import org.sufficientlysecure.keychain.util.Log;
import com.actionbarsherlock.app.SherlockFragmentActivity;
import android.app.Activity;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.ServiceConnection;
import android.os.Bundle;
import android.os.Handler;
import android.os.IBinder;
import android.os.Message;
import android.os.Messenger;
import android.view.View;
@@ -22,21 +39,81 @@ import android.widget.Button;
public class CryptoActivity extends SherlockFragmentActivity {
public static final String ACTION_REGISTER = "org.sufficientlysecure.keychain.REGISTER";
public static final String ACTION_CACHE_PASSPHRASE = "org.sufficientlysecure.keychain.CRYPTO_CACHE_PASSPHRASE";
public static final String EXTRA_SECRET_KEY_ID = "secret_key_id";
public static final String EXTRA_SECRET_KEY_ID = "secretKeyId";
public static final String EXTRA_PACKAGE_NAME = "packageName";
private ICryptoServiceActivity mService;
private boolean mServiceBound;
private ServiceConnection mServiceActivityConnection = new ServiceConnection() {
public void onServiceConnected(ComponentName name, IBinder service) {
mService = ICryptoServiceActivity.Stub.asInterface(service);
Log.d(Constants.TAG, "connected to ICryptoServiceActivity");
mServiceBound = true;
}
public void onServiceDisconnected(ComponentName name) {
mService = null;
Log.d(Constants.TAG, "disconnected from ICryptoServiceActivity");
mServiceBound = false;
}
};
/**
* If not already bound, bind!
*
* @return
*/
public boolean bindToService() {
if (mService == null && !mServiceBound) { // if not already connected
try {
Log.d(Constants.TAG, "not bound yet");
Intent serviceIntent = new Intent();
serviceIntent.setAction("org.openintents.crypto.ICryptoService");
bindService(serviceIntent, mServiceActivityConnection, Context.BIND_AUTO_CREATE);
return true;
} catch (Exception e) {
Log.d(Constants.TAG, "Exception", e);
return false;
}
} else { // already connected
Log.d(Constants.TAG, "already bound... ");
return true;
}
}
public void unbindFromService() {
unbindService(mServiceActivityConnection);
}
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
Log.d(Constants.TAG, "onCreate…");
// bind to our own crypto service
bindToService();
handleActions(getIntent());
}
@Override
protected void onDestroy() {
super.onDestroy();
// unbind from our crypto service
if (mServiceActivityConnection != null) {
unbindFromService();
}
}
protected void handleActions(Intent intent) {
// TODO: Important: Check if calling package is in list!
String action = intent.getAction();
Bundle extras = intent.getExtras();
@@ -47,7 +124,35 @@ public class CryptoActivity extends SherlockFragmentActivity {
/**
* com.android.crypto actions
*/
if (ACTION_CACHE_PASSPHRASE.equals(action)) {
if (ACTION_REGISTER.equals(action)) {
final String packageName = extras.getString(EXTRA_PACKAGE_NAME);
setContentView(R.layout.register_crypto_consumer_activity);
Button allowButton = (Button) findViewById(R.id.register_crypto_consumer_allow);
Button disallowButton = (Button) findViewById(R.id.register_crypto_consumer_disallow);
allowButton.setOnClickListener(new OnClickListener() {
@Override
public void onClick(View v) {
// ProviderHelper.addCryptoConsumer(RegisterActivity.this, callingPackageName);
// Intent data = new Intent();
setResult(RESULT_OK);
finish();
}
});
disallowButton.setOnClickListener(new OnClickListener() {
@Override
public void onClick(View v) {
setResult(RESULT_CANCELED);
finish();
}
});
} else if (ACTION_CACHE_PASSPHRASE.equals(action)) {
long secretKeyId = extras.getLong(EXTRA_SECRET_KEY_ID);
showPassphraseDialog(secretKeyId);

180
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/crypto_provider/CryptoService.java
View File

@@ -20,6 +20,9 @@ import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.concurrent.ArrayBlockingQueue;
import java.util.concurrent.TimeUnit;
import org.openintents.crypto.CryptoError;
import org.openintents.crypto.CryptoSignatureResult;
@@ -29,8 +32,10 @@ import org.sufficientlysecure.keychain.helper.PgpMain;
import org.sufficientlysecure.keychain.util.InputData;
import org.sufficientlysecure.keychain.util.Log;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.service.KeychainIntentService;
import org.sufficientlysecure.keychain.service.PassphraseCacheService;
import org.sufficientlysecure.keychain.util.PausableThreadPoolExecutor;
import org.openintents.crypto.ICryptoCallback;
import org.openintents.crypto.ICryptoService;
@@ -38,6 +43,7 @@ import org.openintents.crypto.ICryptoService;
import android.app.Service;
import android.content.Context;
import android.content.Intent;
import android.os.Binder;
import android.os.Bundle;
import android.os.IBinder;
import android.os.RemoteException;
@@ -45,11 +51,26 @@ import android.os.RemoteException;
public class CryptoService extends Service {
Context mContext;
// just one pool of 4 threads, pause on every user action needed
final ArrayBlockingQueue<Runnable> mPoolQueue = new ArrayBlockingQueue<Runnable>(20);
PausableThreadPoolExecutor mThreadPool = new PausableThreadPoolExecutor(2, 4, 10,
TimeUnit.SECONDS, mPoolQueue);
private ArrayList<String> mAllowedPackages;
// RemoteCallbackList<IInterface>
public static final String ACTION_SERVICE_ACTIVITY = "org.sufficientlysecure.keychain.crypto_provider.ICryptoServiceActivity";
@Override
public void onCreate() {
super.onCreate();
mContext = this;
Log.d(Constants.TAG, "CryptoService, onCreate()");
// load allowed packages from database
mAllowedPackages = ProviderHelper.getCryptoConsumers(mContext);
Log.d(Constants.TAG, "allowed: " + mAllowedPackages);
}
@Override
@@ -60,7 +81,20 @@ public class CryptoService extends Service {
@Override
public IBinder onBind(Intent intent) {
return mBinder;
// return different binder for connections from internal service activity
if (ACTION_SERVICE_ACTIVITY.equals(intent.getAction())) {
String callingPackageName = intent.getPackage();
// this binder can only be used from OpenPGP Keychain
if (callingPackageName.equals(Constants.PACKAGE_NAME)) {
return mBinderServiceActivity;
} else {
Log.e(Constants.TAG, "This binder can only be used from " + Constants.PACKAGE_NAME);
return null;
}
} else {
return mBinder;
}
}
private synchronized void decryptAndVerifySafe(byte[] inputBytes, ICryptoCallback callback)
@@ -77,8 +111,8 @@ public class CryptoService extends Service {
if (secretKeyId == Id.key.none) {
throw new PgpMain.PgpGeneralException(getString(R.string.error_noSecretKeyFound));
}
Log.d(Constants.TAG, "Got input:\n"+new String(inputBytes));
Log.d(Constants.TAG, "Got input:\n" + new String(inputBytes));
Log.d(Constants.TAG, "secretKeyId " + secretKeyId);
@@ -86,13 +120,11 @@ public class CryptoService extends Service {
if (passphrase == null) {
Log.d(Constants.TAG, "No passphrase! Activity required!");
// No passphrase cached for this ciphertext! Intent required to cache
// passphrase!
Intent intent = new Intent(CryptoActivity.ACTION_CACHE_PASSPHRASE);
intent.putExtra(CryptoActivity.EXTRA_SECRET_KEY_ID, secretKeyId);
// TODO: start activity bind to service from activity send back intent on success
// callback.onActivityRequired(intent);
return;
// start passphrase dialog
Bundle extras = new Bundle();
extras.putLong(CryptoActivity.EXTRA_SECRET_KEY_ID, secretKeyId);
pauseQueueAndStartCryptoActivity(CryptoActivity.ACTION_CACHE_PASSPHRASE, extras);
}
// if (signedOnly) {
@@ -162,37 +194,111 @@ public class CryptoService extends Service {
}
@Override
public void decryptAndVerify(byte[] inputBytes, ICryptoCallback callback)
public void decryptAndVerify(final byte[] inputBytes, final ICryptoCallback callback)
throws RemoteException {
decryptAndVerifySafe(inputBytes, callback);
Runnable r = new Runnable() {
@Override
public void run() {
try {
decryptAndVerifySafe(inputBytes, callback);
} catch (RemoteException e) {
Log.e(Constants.TAG, "CryptoService", e);
}
}
};
checkAndEnqueue(r);
}
};
// /**
// * As we can not throw an exception through Android RPC, we assign identifiers to the
// exception
// * types.
// *
// * @param e
// * @return
// */
// private int getExceptionId(Exception e) {
// if (e instanceof NoSuchProviderException) {
// return 0;
// } else if (e instanceof NoSuchAlgorithmException) {
// return 1;
// } else if (e instanceof SignatureException) {
// return 2;
// } else if (e instanceof IOException) {
// return 3;
// } else if (e instanceof PgpGeneralException) {
// return 4;
// } else if (e instanceof PGPException) {
// return 5;
// } else {
// return -1;
// }
// }
private final ICryptoServiceActivity.Stub mBinderServiceActivity = new ICryptoServiceActivity.Stub() {
@Override
public void register(boolean success, String packageName) throws RemoteException {
if (success) {
// reload allowed packages
mAllowedPackages = ProviderHelper.getCryptoConsumers(mContext);
// resume threads
if (isCallerAllowed()) {
mThreadPool.resume();
} else {
// TODO: should not happen?
}
} else {
// TODO
mPoolQueue.clear();
}
}
@Override
public void cachePassphrase(boolean success, String passphrase) throws RemoteException {
}
};
private void checkAndEnqueue(Runnable r) {
if (isCallerAllowed()) {
mThreadPool.execute(r);
Log.d(Constants.TAG, "Enqueued runnable…");
} else {
Log.e(Constants.TAG, "Not allowed to use service! Starting register with activity!");
pauseQueueAndStartCryptoActivity(CryptoActivity.ACTION_REGISTER, null);
mThreadPool.execute(r);
Log.d(Constants.TAG, "Enqueued runnable…");
}
}
/**
* Checks if process that binds to this service (i.e. the package name corresponding to the
* process) is in the list of allowed package names.
*
* @return true if process is allowed to use this service
*/
private boolean isCallerAllowed() {
String[] callingPackages = getPackageManager().getPackagesForUid(Binder.getCallingUid());
// is calling package allowed to use this service?
for (int i = 0; i < callingPackages.length; i++) {
String currentPkg = callingPackages[i];
Log.d(Constants.TAG, "Caller packageName: " + currentPkg);
// check if package is allowed to use our service
if (mAllowedPackages.contains(currentPkg)) {
Log.d(Constants.TAG, "Caller is allowed! packageName: " + currentPkg);
return true;
} else if (Constants.PACKAGE_NAME.equals(currentPkg)) {
Log.d(Constants.TAG, "Caller is OpenPGP Keychain! -> allowed!");
return true;
}
}
Log.d(Constants.TAG, "Caller is NOT allowed!");
return false;
}
private void pauseQueueAndStartCryptoActivity(String action, Bundle extras) {
mThreadPool.pause();
Log.d(Constants.TAG, "starting activity...");
Intent intent = new Intent(getBaseContext(), CryptoActivity.class);
intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
// intent.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP);
// intent.addFlags(Intent.FLAG_ACTIVITY_NO_HISTORY);
intent.setAction(action);
if (extras != null) {
intent.putExtras(extras);
}
getApplication().startActivity(intent);
}
}

28
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/crypto_provider/ICryptoServiceActivity.aidl Normal file
View File

@@ -0,0 +1,28 @@
/*
* Copyright (C) 2013 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.crypto_provider;
interface ICryptoServiceActivity {
oneway void register(in boolean success, in String packageName);
oneway void cachePassphrase(in boolean success, in String passphrase);
}

74
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/crypto_provider/RegisterActivity.java
View File

@@ -1,74 +0,0 @@
package org.sufficientlysecure.keychain.crypto_provider;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.util.Log;
import android.app.Activity;
import android.content.Intent;
import android.os.Bundle;
import android.view.View;
import android.view.View.OnClickListener;
import android.widget.Button;
public class RegisterActivity extends Activity {
public static final String ACTION_REGISTER = "com.android.crypto.REGISTER";
public static final String EXTRA_PACKAGE_NAME = "packageName";
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
handleActions(getIntent());
}
protected void handleActions(Intent intent) {
String action = intent.getAction();
Bundle extras = intent.getExtras();
if (extras == null) {
extras = new Bundle();
}
final String callingPackageName = this.getCallingPackage();
/**
* com.android.crypto actions
*/
if (ACTION_REGISTER.equals(action)) {
setContentView(R.layout.register_crypto_consumer_activity);
Button allowButton = (Button) findViewById(R.id.register_crypto_consumer_allow);
Button disallowButton = (Button) findViewById(R.id.register_crypto_consumer_disallow);
allowButton.setOnClickListener(new OnClickListener() {
@Override
public void onClick(View v) {
ProviderHelper.addCryptoConsumer(RegisterActivity.this, callingPackageName);
Intent data = new Intent();
data.putExtra(EXTRA_PACKAGE_NAME, "org.sufficientlysecure.keychain");
setResult(RESULT_OK, data);
finish();
}
});
disallowButton.setOnClickListener(new OnClickListener() {
@Override
public void onClick(View v) {
setResult(RESULT_CANCELED);
finish();
}
});
} else {
Log.e(Constants.TAG, "Please use com.android.crypto.REGISTER as intent action!");
finish();
}
}
}

89
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/util/PausableThreadPoolExecutor.java Normal file
View File

@@ -0,0 +1,89 @@
/*
* Copyright (C) 2013 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.util;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.RejectedExecutionHandler;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.Condition;
import java.util.concurrent.locks.ReentrantLock;
/**
* Example from
* http://docs.oracle.com/javase/1.5.0/docs/api/java/util/concurrent/ThreadPoolExecutor.html
*/
public class PausableThreadPoolExecutor extends ThreadPoolExecutor {
public PausableThreadPoolExecutor(int corePoolSize, int maximumPoolSize, long keepAliveTime,
TimeUnit unit, BlockingQueue<Runnable> workQueue, RejectedExecutionHandler handler) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit, workQueue, handler);
}
public PausableThreadPoolExecutor(int corePoolSize, int maximumPoolSize, long keepAliveTime,
TimeUnit unit, BlockingQueue<Runnable> workQueue, ThreadFactory threadFactory,
RejectedExecutionHandler handler) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit, workQueue, threadFactory, handler);
}
public PausableThreadPoolExecutor(int corePoolSize, int maximumPoolSize, long keepAliveTime,
TimeUnit unit, BlockingQueue<Runnable> workQueue, ThreadFactory threadFactory) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit, workQueue, threadFactory);
}
public PausableThreadPoolExecutor(int corePoolSize, int maximumPoolSize, long keepAliveTime,
TimeUnit unit, BlockingQueue<Runnable> workQueue) {
super(corePoolSize, maximumPoolSize, keepAliveTime, unit, workQueue);
}
private boolean isPaused;
private ReentrantLock pauseLock = new ReentrantLock();
private Condition unpaused = pauseLock.newCondition();
protected void beforeExecute(Thread t, Runnable r) {
super.beforeExecute(t, r);
pauseLock.lock();
try {
while (isPaused)
unpaused.await();
} catch (InterruptedException ie) {
t.interrupt();
} finally {
pauseLock.unlock();
}
}
public void pause() {
pauseLock.lock();
try {
isPaused = true;
} finally {
pauseLock.unlock();
}
}
public void resume() {
pauseLock.lock();
try {
isPaused = false;
unpaused.signalAll();
} finally {
pauseLock.unlock();
}
}
}