open-keychain/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/crypto_provider/CryptoService.java

320 lines
12 KiB
Java
Raw Normal View History

2013-05-28 09:10:36 -04:00
/*
* Copyright (C) 2013 Dominik Schürmann <dominik@dominikschuermann.de>
2013-05-28 09:10:36 -04:00
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.crypto_provider;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.concurrent.ArrayBlockingQueue;
import java.util.concurrent.TimeUnit;
2013-05-29 09:58:50 -04:00
import org.openintents.crypto.CryptoError;
import org.openintents.crypto.CryptoSignatureResult;
2013-05-28 09:10:36 -04:00
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.Id;
import org.sufficientlysecure.keychain.helper.PgpMain;
import org.sufficientlysecure.keychain.util.InputData;
import org.sufficientlysecure.keychain.util.Log;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
2013-05-28 09:10:36 -04:00
import org.sufficientlysecure.keychain.service.KeychainIntentService;
import org.sufficientlysecure.keychain.service.PassphraseCacheService;
import org.sufficientlysecure.keychain.util.PausableThreadPoolExecutor;
2013-05-28 09:10:36 -04:00
2013-05-29 09:58:50 -04:00
import org.openintents.crypto.ICryptoCallback;
import org.openintents.crypto.ICryptoService;
2013-05-28 09:10:36 -04:00
import android.app.Service;
import android.content.Context;
import android.content.Intent;
import android.os.Binder;
2013-05-28 09:10:36 -04:00
import android.os.Bundle;
import android.os.IBinder;
import android.os.RemoteException;
public class CryptoService extends Service {
Context mContext;
// just one pool of 4 threads, pause on every user action needed
final ArrayBlockingQueue<Runnable> mPoolQueue = new ArrayBlockingQueue<Runnable>(20);
PausableThreadPoolExecutor mThreadPool = new PausableThreadPoolExecutor(2, 4, 10,
TimeUnit.SECONDS, mPoolQueue);
private ArrayList<String> mAllowedPackages;
2013-06-17 10:05:39 -04:00
public static final String ACTION_SERVICE_ACTIVITY = "org.sufficientlysecure.keychain.crypto_provider.IServiceActivityCallback";
2013-05-28 09:10:36 -04:00
@Override
public void onCreate() {
super.onCreate();
mContext = this;
Log.d(Constants.TAG, "CryptoService, onCreate()");
// load allowed packages from database
mAllowedPackages = ProviderHelper.getCryptoConsumers(mContext);
Log.d(Constants.TAG, "allowed: " + mAllowedPackages);
2013-05-28 09:10:36 -04:00
}
@Override
public void onDestroy() {
super.onDestroy();
Log.d(Constants.TAG, "CryptoService, onDestroy()");
2013-05-28 09:10:36 -04:00
}
@Override
public IBinder onBind(Intent intent) {
// return different binder for connections from internal service activity
if (ACTION_SERVICE_ACTIVITY.equals(intent.getAction())) {
String callingPackageName = intent.getPackage();
// this binder can only be used from OpenPGP Keychain
if (callingPackageName.equals(Constants.PACKAGE_NAME)) {
return mBinderServiceActivity;
} else {
Log.e(Constants.TAG, "This binder can only be used from " + Constants.PACKAGE_NAME);
return null;
}
} else {
return mBinder;
}
2013-05-28 09:10:36 -04:00
}
private synchronized void decryptAndVerifySafe(byte[] inputBytes, ICryptoCallback callback)
throws RemoteException {
2013-05-28 09:10:36 -04:00
try {
// build InputData and write into OutputStream
InputStream inputStream = new ByteArrayInputStream(inputBytes);
long inputLength = inputBytes.length;
InputData inputData = new InputData(inputStream, inputLength);
2013-05-28 09:10:36 -04:00
OutputStream outputStream = new ByteArrayOutputStream();
2013-05-28 09:10:36 -04:00
long secretKeyId = PgpMain.getDecryptionKeyId(mContext, inputStream);
if (secretKeyId == Id.key.none) {
throw new PgpMain.PgpGeneralException(getString(R.string.error_noSecretKeyFound));
}
Log.d(Constants.TAG, "Got input:\n" + new String(inputBytes));
2013-05-28 09:10:36 -04:00
Log.d(Constants.TAG, "secretKeyId " + secretKeyId);
2013-05-28 09:10:36 -04:00
String passphrase = PassphraseCacheService.getCachedPassphrase(mContext, secretKeyId);
2013-05-28 09:10:36 -04:00
if (passphrase == null) {
Log.d(Constants.TAG, "No passphrase! Activity required!");
// start passphrase dialog
Bundle extras = new Bundle();
2013-06-17 10:05:39 -04:00
extras.putLong(ServiceActivity.EXTRA_SECRET_KEY_ID, secretKeyId);
pauseQueueAndStartServiceActivity(ServiceActivity.ACTION_CACHE_PASSPHRASE, extras);
2013-05-28 09:10:36 -04:00
}
// if (signedOnly) {
// resultData = PgpMain.verifyText(this, this, inputData, outStream,
// lookupUnknownKey);
// } else {
// resultData = PgpMain.decryptAndVerify(this, this, inputData, outStream,
// PassphraseCacheService.getCachedPassphrase(this, secretKeyId),
// assumeSymmetricEncryption);
// }
2013-05-28 09:10:36 -04:00
Bundle outputBundle = PgpMain.decryptAndVerify(mContext, null, inputData, outputStream,
passphrase, false);
2013-05-28 09:10:36 -04:00
outputStream.close();
byte[] outputBytes = ((ByteArrayOutputStream) outputStream).toByteArray();
// get signature informations from bundle
boolean signature = outputBundle.getBoolean(KeychainIntentService.RESULT_SIGNATURE);
long signatureKeyId = outputBundle
.getLong(KeychainIntentService.RESULT_SIGNATURE_KEY_ID);
String signatureUserId = outputBundle
.getString(KeychainIntentService.RESULT_SIGNATURE_USER_ID);
boolean signatureSuccess = outputBundle
.getBoolean(KeychainIntentService.RESULT_SIGNATURE_SUCCESS);
boolean signatureUnknown = outputBundle
.getBoolean(KeychainIntentService.RESULT_SIGNATURE_UNKNOWN);
CryptoSignatureResult sigResult = new CryptoSignatureResult(signatureUserId, signature,
2013-05-28 09:10:36 -04:00
signatureSuccess, signatureUnknown);
// return over handler on client side
callback.onDecryptVerifySuccess(outputBytes, sigResult);
2013-05-28 09:10:36 -04:00
} catch (Exception e) {
Log.e(Constants.TAG, "KeychainService, Exception!", e);
try {
callback.onError(new CryptoError(0, e.getMessage()));
2013-05-28 09:10:36 -04:00
} catch (Exception t) {
Log.e(Constants.TAG, "Error returning exception to client", t);
}
}
}
private final ICryptoService.Stub mBinder = new ICryptoService.Stub() {
@Override
public void encrypt(byte[] inputBytes, String[] encryptionUserIds, ICryptoCallback callback)
throws RemoteException {
// TODO Auto-generated method stub
}
@Override
public void encryptAndSign(byte[] inputBytes, String[] encryptionUserIds,
String signatureUserId, ICryptoCallback callback) throws RemoteException {
// TODO Auto-generated method stub
}
@Override
public void sign(byte[] inputBytes, String signatureUserId, ICryptoCallback callback)
throws RemoteException {
// TODO Auto-generated method stub
}
@Override
public void decryptAndVerify(final byte[] inputBytes, final ICryptoCallback callback)
2013-05-28 09:10:36 -04:00
throws RemoteException {
Runnable r = new Runnable() {
@Override
public void run() {
try {
decryptAndVerifySafe(inputBytes, callback);
} catch (RemoteException e) {
Log.e(Constants.TAG, "CryptoService", e);
}
}
};
checkAndEnqueue(r);
2013-05-28 09:10:36 -04:00
}
};
2013-06-17 10:05:39 -04:00
private final IServiceActivityCallback.Stub mBinderServiceActivity = new IServiceActivityCallback.Stub() {
@Override
public void register(boolean success, String packageName) throws RemoteException {
2013-06-17 10:59:27 -04:00
if (success) {
// reload allowed packages
mAllowedPackages = ProviderHelper.getCryptoConsumers(mContext);
// resume threads
2013-06-17 10:59:27 -04:00
if (isPackageAllowed(packageName)) {
mThreadPool.resume();
} else {
// TODO: should not happen?
}
} else {
// TODO
mPoolQueue.clear();
}
}
@Override
public void cachePassphrase(boolean success, String passphrase) throws RemoteException {
}
};
private void checkAndEnqueue(Runnable r) {
if (isCallerAllowed()) {
mThreadPool.execute(r);
Log.d(Constants.TAG, "Enqueued runnable…");
} else {
2013-06-17 10:59:27 -04:00
String[] callingPackages = getPackageManager()
.getPackagesForUid(Binder.getCallingUid());
Log.e(Constants.TAG, "Not allowed to use service! Starting activity for registration!");
Bundle extras = new Bundle();
// TODO: currently simply uses first entry
extras.putString(ServiceActivity.EXTRA_PACKAGE_NAME, callingPackages[0]);
pauseQueueAndStartServiceActivity(ServiceActivity.ACTION_REGISTER, extras);
mThreadPool.execute(r);
Log.d(Constants.TAG, "Enqueued runnable…");
}
}
/**
* Checks if process that binds to this service (i.e. the package name corresponding to the
* process) is in the list of allowed package names.
*
* @return true if process is allowed to use this service
*/
private boolean isCallerAllowed() {
String[] callingPackages = getPackageManager().getPackagesForUid(Binder.getCallingUid());
// is calling package allowed to use this service?
for (int i = 0; i < callingPackages.length; i++) {
String currentPkg = callingPackages[i];
2013-06-17 10:59:27 -04:00
if (isPackageAllowed(currentPkg)) {
return true;
}
}
2013-06-17 10:59:27 -04:00
Log.d(Constants.TAG, "Caller is NOT allowed!");
return false;
}
2013-06-17 10:59:27 -04:00
private boolean isPackageAllowed(String packageName) {
Log.d(Constants.TAG, "packageName: " + packageName);
// check if package is allowed to use our service
if (mAllowedPackages.contains(packageName)) {
Log.d(Constants.TAG, "Package is allowed! packageName: " + packageName);
return true;
} else if (Constants.PACKAGE_NAME.equals(packageName)) {
Log.d(Constants.TAG, "Package is OpenPGP Keychain! -> allowed!");
return true;
}
return false;
}
2013-06-17 10:05:39 -04:00
private void pauseQueueAndStartServiceActivity(String action, Bundle extras) {
mThreadPool.pause();
Log.d(Constants.TAG, "starting activity...");
2013-06-17 10:05:39 -04:00
Intent intent = new Intent(getBaseContext(), ServiceActivity.class);
intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
// intent.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP);
// intent.addFlags(Intent.FLAG_ACTIVITY_NO_HISTORY);
intent.setAction(action);
if (extras != null) {
intent.putExtras(extras);
}
getApplication().startActivity(intent);
}
2013-05-28 09:10:36 -04:00
}