Support client certificates

This commit is contained in:
Trevor Slocum 2020-11-24 10:37:37 -08:00
parent b9f0680195
commit 7247cc81d8
20 changed files with 320 additions and 84 deletions

View File

@ -1,4 +1,5 @@
0.1.1:
- Support client certificates
- Shut down daemon after 10 minutes of inactivity
0.1.0:

View File

@ -31,7 +31,7 @@ android {
ext {
// https://gitlab.com/tslocum/gmitohtml
gmitohtmlVersion = "fb5e7f4ea4639983fcf950ad6f5c38333c9b7208"
gmitohtmlVersion = "11183c0c630fc41c8f04ffaceece2742fed7e6d3"
}
task bindLibrary(type: Exec) {

View File

@ -1,10 +1,8 @@
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
package="space.rocketnine.xenia">
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
<application
@ -17,15 +15,21 @@
android:theme="@style/Theme.Xenia">
<activity
android:name=".MainActivity"
android:label="@string/app_name">
android:label="@string/app_name"
android:launchMode="singleInstance">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
<service android:name=".XeniaService" android:stopWithTask="true" />
<activity
android:name=".CertificatesActivity"
android:label="Client certificates"
android:parentActivityName=".MainActivity" />
<service
android:name=".XeniaService"
android:stopWithTask="true" />
</application>
</manifest>

View File

@ -1,9 +1,15 @@
package space.rocketnine.xenia;
import android.app.Application;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Build;
import android.os.ParcelFileDescriptor;
import java.io.FileDescriptor;
import java.io.FileInputStream;
import java.io.IOException;
public class App extends Application {
@ -31,4 +37,20 @@ public class App extends Application {
});
openBrowser.start();
}
public static byte[] readFile(Context context, Uri uri) throws IOException {
ParcelFileDescriptor pdf = context.getContentResolver().openFileDescriptor(uri, "r");
assert pdf != null;
assert pdf.getStatSize() <= Integer.MAX_VALUE;
byte[] data = new byte[(int) pdf.getStatSize()];
FileDescriptor fd = pdf.getFileDescriptor();
FileInputStream fileStream = new FileInputStream(fd);
fileStream.read(data);
fileStream.close();
pdf.close();
return data;
}
}

View File

@ -0,0 +1,215 @@
package space.rocketnine.xenia;
import android.app.Activity;
import android.app.AlertDialog;
import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
import android.content.SharedPreferences;
import android.net.Uri;
import android.os.Bundle;
import android.text.InputType;
import android.util.Base64;
import android.util.Log;
import android.view.Menu;
import android.view.MenuItem;
import android.view.View;
import android.widget.AdapterView;
import android.widget.ArrayAdapter;
import android.widget.Button;
import android.widget.EditText;
import android.widget.ListView;
import android.widget.TextView;
import android.widget.Toast;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
public class CertificatesActivity extends Activity {
String addSiteAddress = "";
Uri addSiteCertificate;
Uri addSitePrivateKey;
int requestCodeCertificate = 1965;
int requestCodePrivateKey = 1966;
ArrayAdapter<String> adapter;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_certificates);
getActionBar().setDisplayHomeAsUpEnabled(true);
getActionBar().setDisplayShowHomeEnabled(true);
List<String> sitesList = new ArrayList<String>();
adapter = new ArrayAdapter<String>(this,
android.R.layout.simple_list_item_1, android.R.id.text1, sitesList);
updateSiteList();
ListView listView = findViewById(R.id.certificatesList);
listView.setAdapter(adapter);
listView.setOnItemClickListener(new AdapterView.OnItemClickListener() {
@Override
public void onItemClick(AdapterView<?> adapterView, View view, int position, long id) {
String site = (String) adapterView.getItemAtPosition(position);
AlertDialog.Builder builder = new AlertDialog.Builder(CertificatesActivity.this);
builder.setTitle("Remove certificate");
TextView tv = new TextView(CertificatesActivity.this);
tv.setText("Are you sure you want to remove the certificate for " + site + "?");
tv.setPadding(14, 14, 14, 14);
builder.setView(tv);
builder.setPositiveButton("Remove", (dialog, which) -> {
SharedPreferences prefs = getSharedPreferences("xenia", Context.MODE_PRIVATE);
Set<String> sites = prefs.getStringSet("certs", new HashSet<String>());
if (sites.contains(site)) {
sites.remove(site);
prefs.edit().putStringSet("certs", sites).apply();
}
prefs.edit().putString("cert_" + site, "").putString("key_" + site, "").apply();
updateSiteList();
Toast.makeText(CertificatesActivity.this, "Restart Xenia to apply changes", Toast.LENGTH_LONG).show();
});
builder.setNegativeButton("Cancel", (dialog, which) -> dialog.cancel());
builder.show();
}
});
}
private void updateSiteList() {
adapter.clear();
SharedPreferences prefs = getSharedPreferences("xenia", Context.MODE_PRIVATE);
Set<String> sites = prefs.getStringSet("certs", new HashSet<String>());
List<String> sitesList = new ArrayList<String>(sites);
adapter.addAll(sitesList);
}
private void selectCertificate(String siteAddress) {
addSiteAddress = siteAddress;
Toast.makeText(CertificatesActivity.this, "Select certificate file", Toast.LENGTH_LONG).show();
Intent intent = new Intent()
.setType("*/*")
.setAction(Intent.ACTION_GET_CONTENT);
startActivityForResult(Intent.createChooser(intent, "Select certificate file"), requestCodeCertificate);
}
private void selectPrivateKey() {
Toast.makeText(CertificatesActivity.this, "Select private key", Toast.LENGTH_LONG).show();
Intent intent = new Intent()
.setType("*/*")
.setAction(Intent.ACTION_GET_CONTENT);
startActivityForResult(Intent.createChooser(intent, "Select certificate private key"), requestCodePrivateKey);
}
private void addSite() {
AlertDialog.Builder builder = new AlertDialog.Builder(CertificatesActivity.this);
builder.setTitle("Enter domain (without www)");
final EditText input = new EditText(this);
input.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_URI);
builder.setView(input);
builder.setPositiveButton("Continue", (dialog, which) -> {
// Handler is set below
});
builder.setNegativeButton("Cancel", (dialog, which) -> dialog.cancel());
AlertDialog dialog = builder.create();
dialog.show();
Button positiveButton = dialog.getButton(DialogInterface.BUTTON_POSITIVE);
positiveButton.setOnClickListener(v -> {
if (input.getText().toString().isEmpty() || input.getText().toString().contains("/")) {
Toast.makeText(CertificatesActivity.this, "Please enter only the domain (no slashes)", Toast.LENGTH_LONG).show();
return;
}
selectCertificate(input.getText().toString());
dialog.dismiss();
});
}
private void finishAddingSite() {
Log.d("xenia", addSiteAddress);
Log.d("xenia", addSiteCertificate.toString());
Log.d("xenia", addSitePrivateKey.toString());
byte[] certificateData;
byte[] privateKeyData;
try {
certificateData = App.readFile(CertificatesActivity.this, addSiteCertificate);
privateKeyData = App.readFile(CertificatesActivity.this, addSitePrivateKey);
} catch (IOException e) {
e.printStackTrace();
return;
}
SharedPreferences prefs = getSharedPreferences("xenia", Context.MODE_PRIVATE);
Set<String> sites = prefs.getStringSet("certs", new HashSet<String>());
if (!sites.contains(addSiteAddress)) {
sites.add(addSiteAddress);
prefs.edit().putStringSet("sites", sites).apply();
}
prefs.edit().putString("cert_" + addSiteAddress, new String(Base64.encode(certificateData, Base64.DEFAULT))).putString("key_" + addSiteAddress, new String(Base64.encode(privateKeyData, Base64.DEFAULT))).apply();
updateSiteList();
addSiteAddress = "";
Toast.makeText(CertificatesActivity.this, "Restart Xenia to apply changes", Toast.LENGTH_LONG).show();
}
@Override
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
super.onActivityResult(requestCode, resultCode, data);
Log.d("xenia", "result code " + resultCode);
if (requestCode == requestCodeCertificate && resultCode == RESULT_OK) {
addSiteCertificate = data.getData();
selectPrivateKey();
} else if (requestCode == requestCodePrivateKey && resultCode == RESULT_OK) {
addSitePrivateKey = data.getData();
finishAddingSite();
}
}
@Override
public boolean onCreateOptionsMenu(Menu menu) {
// Inflate the menu; this adds items to the action bar if it is present.
getMenuInflater().inflate(R.menu.menu_certificates, menu);
return true;
}
@Override
public boolean onOptionsItemSelected(MenuItem item) {
switch (item.getItemId()) {
case android.R.id.home:
finish();
return true;
case R.id.navigation_add_site:
addSite();
return true;
default:
return super.onOptionsItemSelected(item);
}
}
}

View File

@ -26,6 +26,11 @@ public class MainActivity extends Activity {
startActivity(intent);
}
public void manageCertificates(View view) {
Intent intent = new Intent(getApplicationContext(), CertificatesActivity.class);
startActivity(intent);
}
public void exit(View view) {
NotificationManager notificationManager = (NotificationManager) getApplicationContext().getSystemService(Context.NOTIFICATION_SERVICE);
notificationManager.cancelAll();

View File

@ -7,12 +7,17 @@ import android.app.PendingIntent;
import android.app.Service;
import android.content.Context;
import android.content.Intent;
import android.content.SharedPreferences;
import android.os.Build;
import android.os.Handler;
import android.os.IBinder;
import android.util.Base64;
import android.util.Log;
import android.widget.Toast;
import java.util.HashSet;
import java.util.Set;
import space.rocketnine.gmitohtml.Gmitohtml;
public class XeniaService extends Service {
@ -84,6 +89,26 @@ public class XeniaService extends Service {
public int onStartCommand(Intent intent, int flags, int startId) {
Log.d("xenia", "service starting");
SharedPreferences prefs = getSharedPreferences("xenia", Context.MODE_PRIVATE);
Set<String> sites = prefs.getStringSet("certs", new HashSet<String>());
for (String site : sites) {
try {
String certificate = prefs.getString("cert_" + site, "");
if (!certificate.isEmpty()) {
certificate = new String(Base64.decode(certificate, Base64.DEFAULT));
}
String privateKey = prefs.getString("key_" + site, "");
if (!privateKey.isEmpty()) {
privateKey = new String(Base64.decode(privateKey, Base64.DEFAULT));
}
Gmitohtml.setClientCertificate(site, certificate.getBytes(), privateKey.getBytes());
} catch (Exception e) {
e.printStackTrace();
}
}
try {
Gmitohtml.startDaemon("127.0.0.1:1967");
} catch (Exception e) {

View File

@ -0,0 +1,11 @@
<vector xmlns:android="http://schemas.android.com/apk/res/android"
android:width="24dp"
android:height="24dp"
android:viewportWidth="24"
android:viewportHeight="24"
android:tint="#FFFFFF"
android:alpha="0.8">
<path
android:fillColor="@android:color/white"
android:pathData="M19,3L5,3c-1.11,0 -2,0.9 -2,2v14c0,1.1 0.89,2 2,2h14c1.1,0 2,-0.9 2,-2L21,5c0,-1.1 -0.9,-2 -2,-2zM17,13h-4v4h-2v-4L7,13v-2h4L11,7h2v4h4v2z"/>
</vector>

Binary file not shown.

After

Width:  |  Height:  |  Size: 194 B

Binary file not shown.

After

Width:  |  Height:  |  Size: 140 B

View File

@ -1,31 +0,0 @@
<vector xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:aapt="http://schemas.android.com/aapt"
android:width="108dp"
android:height="108dp"
android:viewportWidth="108"
android:viewportHeight="108">
<path
android:pathData="M31,63.928c0,0 6.4,-11 12.1,-13.1c7.2,-2.6 26,-1.4 26,-1.4l38.1,38.1L107,108.928l-32,-1L31,63.928z">
<aapt:attr name="android:fillColor">
<gradient
android:startY="49.59793"
android:startX="42.9492"
android:endY="92.4963"
android:endX="85.84757"
android:type="linear">
<item
android:color="#44000000"
android:offset="0.0" />
<item
android:color="#00000000"
android:offset="1.0" />
</gradient>
</aapt:attr>
</path>
<path
android:pathData="M65.3,45.828l3.8,-6.6c0.2,-0.4 0.1,-0.9 -0.3,-1.1c-0.4,-0.2 -0.9,-0.1 -1.1,0.3l-3.9,6.7c-6.3,-2.8 -13.4,-2.8 -19.7,0l-3.9,-6.7c-0.2,-0.4 -0.7,-0.5 -1.1,-0.3C38.8,38.328 38.7,38.828 38.9,39.228l3.8,6.6C36.2,49.428 31.7,56.028 31,63.928h46C76.3,56.028 71.8,49.428 65.3,45.828zM43.4,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2c-0.3,-0.7 -0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C45.3,56.528 44.5,57.328 43.4,57.328L43.4,57.328zM64.6,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2s-0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C66.5,56.528 65.6,57.328 64.6,57.328L64.6,57.328z"
android:fillColor="#FFFFFF"
android:fillType="nonZero"
android:strokeWidth="1"
android:strokeColor="#00000000"/>
</vector>

Binary file not shown.

After

Width:  |  Height:  |  Size: 201 B

Binary file not shown.

After

Width:  |  Height:  |  Size: 249 B

View File

@ -1,9 +0,0 @@
<vector xmlns:android="http://schemas.android.com/apk/res/android"
android:width="24dp"
android:height="24dp"
android:viewportWidth="24.0"
android:viewportHeight="24.0">
<path
android:fillColor="#FF000000"
android:pathData="M3,13h8L11,3L3,3v10zM3,21h8v-6L3,15v6zM13,21h8L21,11h-8v10zM13,3v6h8L21,3h-8z" />
</vector>

View File

@ -1,9 +0,0 @@
<vector xmlns:android="http://schemas.android.com/apk/res/android"
android:width="24dp"
android:height="24dp"
android:viewportWidth="24.0"
android:viewportHeight="24.0">
<path
android:fillColor="#FF000000"
android:pathData="M10,20v-6h4v6h5v-8h3L12,3 2,12h3v8z" />
</vector>

View File

@ -1,9 +0,0 @@
<vector xmlns:android="http://schemas.android.com/apk/res/android"
android:width="24dp"
android:height="24dp"
android:viewportWidth="24.0"
android:viewportHeight="24.0">
<path
android:fillColor="#FF000000"
android:pathData="M12,22c1.1,0 2,-0.9 2,-2h-4c0,1.1 0.89,2 2,2zM18,16v-5c0,-3.07 -1.64,-5.64 -4.5,-6.32L13.5,4c0,-0.83 -0.67,-1.5 -1.5,-1.5s-1.5,0.67 -1.5,1.5v0.68C7.63,5.36 6,7.92 6,11v5l-2,2v1h16v-1l-2,-2z" />
</vector>

View File

@ -0,0 +1,13 @@
<?xml version="1.0" encoding="utf-8"?>
<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
android:layout_width="match_parent"
android:layout_height="match_parent"
tools:context=".CertificatesActivity">
<ListView
android:id="@+id/certificatesList"
android:layout_width="match_parent"
android:layout_height="match_parent" />
</LinearLayout>

View File

@ -11,6 +11,13 @@
android:layout_weight="1"
android:onClick="openBrowser"/>
<Button
android:layout_width="match_parent"
android:text="Manage client certificates"
android:layout_height="0dp"
android:layout_weight="1"
android:onClick="manageCertificates"/>
<Button
android:layout_width="match_parent"
android:layout_height="0dp"
@ -18,4 +25,4 @@
android:text="Stop and exit"
android:onClick="exit"/>
</LinearLayout>
</LinearLayout>

View File

@ -1,19 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<menu xmlns:android="http://schemas.android.com/apk/res/android">
<item
android:id="@+id/navigation_home"
android:icon="@drawable/ic_home_black_24dp"
android:title="@string/title_home" />
<item
android:id="@+id/navigation_dashboard"
android:icon="@drawable/ic_dashboard_black_24dp"
android:title="@string/title_dashboard" />
<item
android:id="@+id/navigation_notifications"
android:icon="@drawable/ic_notifications_black_24dp"
android:title="@string/title_notifications" />
</menu>

View File

@ -0,0 +1,10 @@
<?xml version="1.0" encoding="utf-8"?>
<menu xmlns:android="http://schemas.android.com/apk/res/android">
<item
android:id="@+id/navigation_add_site"
android:showAsAction="always"
android:icon="@drawable/ic_add"
android:title="Add site"/>
</menu>