Merge pull request #609 from kb-1000/jsch

Update JSCH and Conscrypt
maks · Mar 21, 2022 · 6574cbf · 6574cbf
2 parents 5e272ac + b79b3c0
commit 6574cbf
Show file tree

Hide file tree

Showing 10 changed files with 154 additions and 144 deletions.
diff --git a/app/build.gradle b/app/build.gradle
@@ -57,21 +57,24 @@ android {
     }
 }
 
-configurations {
-    all {
-        exclude module: 'httpclient'
+configurations.all {
+    resolutionStrategy.eachDependency { DependencyResolveDetails details ->
+        if (details.requested.group == "com.jcraft" && details.requested.name == "jsch") {
+            details.useTarget("com.github.mwiede:jsch:0.2.0")
+        }
+
     }
+    exclude module: 'httpclient'
 }
 
 
-
 dependencies {
     def supportLib_version = "28.0.0"
     def lifecycle_version = "1.1.1"
 
     def acraVersion = '5.8.4'
 
-    implementation 'org.jetbrains.kotlin:kotlin-stdlib-jdk8:1.5.31'
+    implementation 'org.jetbrains.kotlin:kotlin-stdlib-jdk8'
     implementation 'androidx.fragment:fragment:1.4.0'
     implementation 'androidx.annotation:annotation:1.3.0'
     implementation 'androidx.appcompat:appcompat:1.4.0'
@@ -85,12 +88,13 @@ dependencies {
     kapt 'androidx.lifecycle:lifecycle-compiler:2.4.0'
 
     implementation 'com.jakewharton.timber:timber:4.5.1'
-    implementation 'com.jcraft:jsch:0.1.54'
+    implementation 'com.github.mwiede:jsch:0.2.0'
     implementation 'commons-io:commons-io:2.5'
     implementation 'org.eclipse.jgit:org.eclipse.jgit:3.7.1.201504261725-r'
     implementation 'com.nostra13.universalimageloader:universal-image-loader:1.9.5'
     implementation 'com.scottyab:secure-preferences-lib:0.1.4'
-    implementation 'org.conscrypt:conscrypt-android:1.1.0'
+    implementation 'org.conscrypt:conscrypt-android:2.5.2'
+    implementation 'org.bouncycastle:bcprov-jdk15on:1.70'
 
     implementation "ch.acra:acra-mail:$acraVersion"
     implementation "ch.acra:acra-dialog:$acraVersion"

diff --git a/app/src/main/java/com/manichord/mgit/ssh/PrivateKeyGenerate.kt b/app/src/main/java/com/manichord/mgit/ssh/PrivateKeyGenerate.kt
@@ -0,0 +1,93 @@
+package com.manichord.mgit.ssh
+
+import android.annotation.SuppressLint
+import android.app.AlertDialog
+import android.app.Dialog
+import android.os.Bundle
+import android.widget.EditText
+import android.widget.RadioGroup
+import com.jcraft.jsch.JSch
+import com.jcraft.jsch.KeyPair
+import me.sheimi.android.views.SheimiDialogFragment
+import me.sheimi.sgit.R
+import me.sheimi.sgit.activities.explorer.PrivateKeyManageActivity
+import me.sheimi.sgit.ssh.PrivateKeyUtils
+import org.acra.ktx.sendWithAcra
+import timber.log.Timber
+import java.io.File
+import java.io.FileOutputStream
+
+class PrivateKeyGenerate : SheimiDialogFragment() {
+    private lateinit var mNewFilename: EditText
+    private lateinit var mKeyLength: EditText
+    private lateinit var mRadioGroup: RadioGroup
+
+    @SuppressLint("SetTextI18n")
+    override fun onCreateDialog(savedInstanceState: Bundle?): Dialog {
+        // Use the Builder class for convenient dialog construction
+        val builder = AlertDialog.Builder(activity)
+        val inflater = requireActivity().layoutInflater
+        val view = inflater.inflate(R.layout.dialog_generate_key, null)
+        mNewFilename = view.findViewById(R.id.newFilename)
+        mKeyLength = view.findViewById(R.id.key_size)
+        mKeyLength.setText("4096")
+        mRadioGroup = view.findViewById(R.id.radio_keygen_type)
+        builder.setMessage(R.string.label_dialog_generate_key)
+                .setView(view)
+                .setPositiveButton(R.string.label_generate_key) { _, _ -> generateKey() }
+                .setNegativeButton(R.string.label_cancel) { _, _ -> }
+        return builder.create()
+    }
+
+    private fun generateKey() {
+        val newFilename = mNewFilename.text.toString().trim { it <= ' ' }
+        if (newFilename == "") {
+            showToastMessage(R.string.alert_new_filename_required)
+            mNewFilename.error = getString(R.string.alert_new_filename_required)
+            return
+        }
+        if (newFilename.contains("/")) {
+            showToastMessage(R.string.alert_filename_format)
+            mNewFilename.error = getString(R.string.alert_filename_format)
+            return
+        }
+        val keySize = mKeyLength.text.toString().toInt()
+        if (keySize < 1024) {
+            showToastMessage(R.string.alert_too_short_key_size)
+            mNewFilename.error = getString(R.string.alert_too_short_key_size)
+            return
+        }
+        if (keySize > 16384) {
+            showToastMessage(R.string.alert_too_long_key_size)
+            mNewFilename.error = getString(R.string.alert_too_long_key_size)
+            return
+        }
+        val type = when (mRadioGroup.checkedRadioButtonId) {
+            R.id.radio_dsa -> KeyPair.DSA
+            // JSCH doesn't support writing ED25519 keys yet, only reading
+            //R.id.radio_ed25519 -> KeyPair.ED25519
+            else -> KeyPair.RSA
+        }
+        val newKey = File(PrivateKeyUtils.getPrivateKeyFolder(), newFilename)
+        if (newKey.exists()) {
+            showToastMessage(R.string.alert_key_exists)
+            mNewFilename.error = getString(R.string.alert_key_exists)
+            return
+        }
+        val newPubKey = File(PrivateKeyUtils.getPublicKeyFolder(), newFilename)
+        try {
+            val jsch = JSch()
+            val kpair = KeyPair.genKeyPair(jsch, type, keySize)
+            kpair.writePrivateKey(FileOutputStream(newKey))
+            kpair.writePublicKey(FileOutputStream(newPubKey), "mgit")
+            kpair.dispose()
+        } catch (e: Exception) {
+            Timber.e(e, "Failed to generate SSH key")
+            RuntimeException("Failed to generate SSH key", e).sendWithAcra()
+            // Delete any leftover files
+            newKey.delete()
+            newPubKey.delete()
+        }
+        (activity as PrivateKeyManageActivity).refreshList()
+    }
+}
diff --git a/app/src/main/java/com/manichord/mgit/transport/MGitSSLSocketFactory.java b/app/src/main/java/com/manichord/mgit/transport/MGitSSLSocketFactory.java
@@ -11,8 +11,8 @@
 
 public class MGitSSLSocketFactory extends SSLSocketFactory {
 
-    private SSLSocketFactory wrappedSSLSocketFactory;
-    public static String[] enabledProtocols = new String[] {"TLSv1.2", "TLSv1.1", "TLSv1"};
+    private final SSLSocketFactory wrappedSSLSocketFactory;
+    private static final String[] enabledProtocols = new String[] {"TLSv1.3", "TLSv1.2"};
 
     public MGitSSLSocketFactory(SSLSocketFactory wrapped) {
         wrappedSSLSocketFactory = wrapped;
@@ -60,7 +60,7 @@ public Socket createSocket(InetAddress address, int port, InetAddress localAddre
 
 
     private Socket modifySocket(Socket socket) {
-        if(null != socket && (socket instanceof SSLSocket)) {
+        if(socket instanceof SSLSocket) {
             SSLSocket sslSocket = (SSLSocket)socket;
             sslSocket.setEnabledProtocols(enabledProtocols);
         }

diff --git a/app/src/main/java/me/sheimi/sgit/MGitApplication.kt b/app/src/main/java/me/sheimi/sgit/MGitApplication.kt
@@ -10,8 +10,11 @@ import org.acra.config.dialog
 import org.acra.config.mailSender
 import org.acra.data.StringFormat
 import org.acra.ktx.initAcra
+import org.bouncycastle.jce.provider.BouncyCastleProvider
+import org.conscrypt.Conscrypt
 import org.eclipse.jgit.transport.CredentialsProvider
 import timber.log.Timber
+import java.security.Security
 
 /**
  * Custom Application Singleton
@@ -24,7 +27,7 @@ open class MGitApplication : Application() {
     companion object {
         private lateinit var mContext: Context
         private lateinit var mCredentialsProvider: CredentialsProvider
-        val context: Context?
+        val context: Context
             get() = mContext
 
         @JvmStatic fun getContext(): MGitApplication {
@@ -37,6 +40,8 @@ open class MGitApplication : Application() {
 
         init {
             MGitHttpConnectionFactory.install()
+            Security.addProvider(BouncyCastleProvider())
+            Security.addProvider(Conscrypt.newProvider())
         }
     }
 

diff --git a/app/src/main/java/me/sheimi/sgit/activities/explorer/PrivateKeyGenerate.java b/app/src/main/java/me/sheimi/sgit/activities/explorer/PrivateKeyGenerate.java
diff --git a/app/src/main/java/me/sheimi/sgit/activities/explorer/PrivateKeyManageActivity.java b/app/src/main/java/me/sheimi/sgit/activities/explorer/PrivateKeyManageActivity.java
@@ -13,6 +13,8 @@
 import android.view.View;
 import android.widget.AdapterView;
 
+import com.manichord.mgit.ssh.PrivateKeyGenerate;
+
 import java.io.File;
 import java.io.FileFilter;
 
@@ -88,21 +90,12 @@ public boolean onActionItemClicked(ActionMode mode, MenuItem item) {
 		startActivity(intent);
 		return true;
 	case R.id.action_mode_edit_key_password:
-        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.JELLY_BEAN_MR2) {
-            new AlertDialog.Builder(this)
-                .setIcon(android.R.drawable.ic_dialog_alert)
-                .setTitle(R.string.dialog_not_supported)
-                .setMessage(R.string.dialog_not_supported_msg)
-                .setPositiveButton(R.string.label_ok, null)
-                .show();
-        } else {
-            pathArg = new Bundle();
-            pathArg.putString(EditKeyPasswordDialog.KEY_FILE_EXTRA, mChosenFile.getAbsolutePath());
-            mode.finish();
-            EditKeyPasswordDialog editDialog = new EditKeyPasswordDialog();
-            editDialog.setArguments(pathArg);
-            editDialog.show(getSupportFragmentManager(), "rename-dialog");
-        }
+        pathArg = new Bundle();
+        pathArg.putString(EditKeyPasswordDialog.KEY_FILE_EXTRA, mChosenFile.getAbsolutePath());
+        mode.finish();
+        EditKeyPasswordDialog editDialog = new EditKeyPasswordDialog();
+        editDialog.setArguments(pathArg);
+        editDialog.show(getSupportFragmentManager(), "rename-dialog");
         return true;
 	case R.id.action_mode_delete:
 	    mode.finish();

diff --git a/app/src/main/res/layout/dialog_generate_key.xml b/app/src/main/res/layout/dialog_generate_key.xml
@@ -2,6 +2,7 @@
     android:orientation="vertical"
     android:layout_width="wrap_content"
     android:layout_height="wrap_content">
+
     <EditText
         android:id="@+id/newFilename"
         android:inputType="text"
@@ -12,6 +13,7 @@
         android:layout_marginRight="4dp"
         android:layout_marginBottom="4dp"
         android:hint="@string/label_new_file_name" />
+
     <EditText
         android:id="@+id/key_size"
         android:inputType="number"
@@ -22,18 +24,31 @@
         android:layout_marginRight="4dp"
         android:layout_marginBottom="16dp"
         android:fontFamily="sans-serif"
-        android:hint="@string/label_key_size"/>
-    <RadioGroup xmlns:android="http://schemas.android.com/apk/res/android"
-	android:layout_width="fill_parent"
-	android:layout_height="wrap_content"
-	android:orientation="vertical">
-      <RadioButton android:id="@+id/radio_rsa"
-		   android:layout_width="wrap_content"
-		   android:layout_height="wrap_content"
-		   android:text="RSA"/>
-      <RadioButton android:id="@+id/radio_dsa"
-		   android:layout_width="wrap_content"
-		   android:layout_height="wrap_content"
-		   android:text="DSA"/>
+        android:hint="@string/label_key_size" />
+
+    <RadioGroup
+        android:id="@+id/radio_keygen_type"
+        android:layout_width="fill_parent"
+        android:layout_height="wrap_content"
+        android:orientation="vertical">
+
+        <RadioButton
+            android:id="@+id/radio_rsa"
+            android:layout_width="wrap_content"
+            android:layout_height="wrap_content"
+            android:checked="true"
+            android:text="RSA" />
+
+        <RadioButton
+            android:id="@+id/radio_dsa"
+            android:layout_width="wrap_content"
+            android:layout_height="wrap_content"
+            android:text="DSA" />
+        <!-- JSCH doesn't support writing ED25519 keys yet, only reading -->
+        <!--<RadioButton
+            android:id="@+id/radio_ed25519"
+            android:layout_width="wrap_content"
+            android:layout_height="wrap_content"
+            android:text="ED25519" />-->
     </RadioGroup>
 </LinearLayout>
diff --git a/app/src/main/res/values-de/strings_error.xml b/app/src/main/res/values-de/strings_error.xml
@@ -34,5 +34,6 @@
     <string name="alert_please_add_a_remote">Bitte zuerst eine Remote Repository hinzufügen</string>
     <string name="alert_is_already_a_git_repo">Dieses Verzeichnis ist bereits ein Git-Repository.</string>
     <string name="alert_save_failed">Speichern fehlgeschlagen</string>
+    <string name="alert_key_exists">Schlüssel existiert bereits</string>
 
-</resources>
+</resources>