diff options
| author | Markus Doits <markus.doits@googlemail.com> | 2011-11-04 21:22:49 +0100 |
|---|---|---|
| committer | Markus Doits <markus.doits@googlemail.com> | 2011-11-04 21:22:49 +0100 |
| commit | ad1657465778c05cef7a7ba9d25f97943cf68144 (patch) | |
| tree | 3fadab61a099b49f8a9ac49f3d3abe5240f8996e /src/org/thialfihar/android/apg/ApgService.java | |
| parent | a7294d50b1f6a7f0ab30118602a1fcbdad0b8169 (diff) | |
| download | open-keychain-ad1657465778c05cef7a7ba9d25f97943cf68144.tar.gz open-keychain-ad1657465778c05cef7a7ba9d25f97943cf68144.tar.bz2 open-keychain-ad1657465778c05cef7a7ba9d25f97943cf68144.zip | |
Allow to pass large blobs and a new content provider to simplify this
Since AIDL is not for passing large data, a blob can be passed to APG by
a Uri. This Uri is opened as a file by APG and read/written to. Note the
file is overwritten by APG, so make sure it is a copy if you want to
keep the original.
With the ApgServiceBlobProvider, Apg has an own ContentProvider that can
be used like mentioned above. For now the data is stored in the dir
where APG stores other files and NOT DELETED after en/decryption. This
is tbd. It can only be accessed by an application with the permission
"org.thialfihar.android.apg.permission.STORE_BLOBS".
ApgCon has been updated accordingly and can handle blobs with `setBlob`
and `getBlobResult`. That is a really easy way to en/decrypt large data.
Note that encrypting by blob should only be used for large files (1MB+).
On all other cases, the data should be passed as as String through the
AIDl-Interface, so no temporary file must be created.
See ApgCon for a complete example of how to connect to the AIDL and use
it. Or use it in your own project!
Diffstat (limited to 'src/org/thialfihar/android/apg/ApgService.java')
| -rw-r--r-- | src/org/thialfihar/android/apg/ApgService.java | 118 |
1 files changed, 97 insertions, 21 deletions
diff --git a/src/org/thialfihar/android/apg/ApgService.java b/src/org/thialfihar/android/apg/ApgService.java index 0a25c6055..46d8b4765 100644 --- a/src/org/thialfihar/android/apg/ApgService.java +++ b/src/org/thialfihar/android/apg/ApgService.java @@ -2,6 +2,7 @@ package org.thialfihar.android.apg; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; +import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.lang.reflect.Method; @@ -14,17 +15,19 @@ import org.thialfihar.android.apg.provider.KeyRings; import org.thialfihar.android.apg.provider.Keys; import org.thialfihar.android.apg.provider.UserIds; +import android.content.ContentResolver; import android.content.Intent; import android.database.Cursor; import android.database.sqlite.SQLiteQueryBuilder; +import android.net.Uri; import android.os.Bundle; import android.os.IBinder; import android.util.Log; public class ApgService extends Service { private final static String TAG = "ApgService"; - private static final boolean LOCAL_LOGV = true; - private static final boolean LOCAL_LOGD = true; + public static final boolean LOCAL_LOGV = true; + public static final boolean LOCAL_LOGD = true; @Override public IBinder onBind(Intent intent) { @@ -33,7 +36,7 @@ public class ApgService extends Service { } /** error status */ - private enum error { + private static enum error { ARGUMENTS_MISSING, APG_FAILURE, NO_MATCHING_SECRET_KEY, @@ -44,9 +47,16 @@ public class ApgService extends Service { return ordinal() + 100; } } + + private static enum call { + encrypt_with_passphrase, + encrypt_with_public_key, + decrypt, + get_keys + } /** all arguments that can be passed by calling application */ - private enum arg { + public static enum arg { MESSAGE, // message to encrypt or to decrypt SYMMETRIC_PASSPHRASE, // key for symmetric en/decryption PUBLIC_KEYS, // public keys for encryption @@ -58,10 +68,11 @@ public class ApgService extends Service { SIGNATURE_KEY, // key for signing PRIVATE_KEY_PASSPHRASE, // passphrase for encrypted private key KEY_TYPE, // type of key (private or public) + BLOB, // blob passed } /** all things that might be returned */ - private enum ret { + private static enum ret { ERRORS, // string array list with errors WARNINGS, // string array list with warnings ERROR, // numeric error @@ -75,21 +86,18 @@ public class ApgService extends Service { static { HashSet<arg> args = new HashSet<arg>(); args.add(arg.SYMMETRIC_PASSPHRASE); - args.add(arg.MESSAGE); - FUNCTIONS_REQUIRED_ARGS.put("encrypt_with_passphrase", args); + FUNCTIONS_REQUIRED_ARGS.put(call.encrypt_with_passphrase.name(), args); args = new HashSet<arg>(); args.add(arg.PUBLIC_KEYS); - args.add(arg.MESSAGE); - FUNCTIONS_REQUIRED_ARGS.put("encrypt_with_public_key", args); + FUNCTIONS_REQUIRED_ARGS.put(call.encrypt_with_public_key.name(), args); args = new HashSet<arg>(); - args.add(arg.MESSAGE); - FUNCTIONS_REQUIRED_ARGS.put("decrypt", args); + FUNCTIONS_REQUIRED_ARGS.put(call.decrypt.name(), args); args = new HashSet<arg>(); args.add(arg.KEY_TYPE); - FUNCTIONS_REQUIRED_ARGS.put("get_keys", args); + FUNCTIONS_REQUIRED_ARGS.put(call.get_keys.name(), args); } /** optional arguments for each AIDL function */ @@ -103,14 +111,18 @@ public class ApgService extends Service { args.add(arg.COMPRESSION); args.add(arg.PRIVATE_KEY_PASSPHRASE); args.add(arg.SIGNATURE_KEY); - FUNCTIONS_OPTIONAL_ARGS.put("encrypt_with_passphrase", args); - FUNCTIONS_OPTIONAL_ARGS.put("encrypt_with_public_key", args); + args.add(arg.BLOB); + args.add(arg.MESSAGE); + FUNCTIONS_OPTIONAL_ARGS.put(call.encrypt_with_passphrase.name(), args); + FUNCTIONS_OPTIONAL_ARGS.put(call.encrypt_with_public_key.name(), args); args = new HashSet<arg>(); args.add(arg.SYMMETRIC_PASSPHRASE); args.add(arg.PUBLIC_KEYS); args.add(arg.PRIVATE_KEY_PASSPHRASE); - FUNCTIONS_OPTIONAL_ARGS.put("decrypt", args); + args.add(arg.MESSAGE); + args.add(arg.BLOB); + FUNCTIONS_OPTIONAL_ARGS.put(call.decrypt.name(), args); } /** a map from ApgService parameters to function calls to get the default */ @@ -136,6 +148,14 @@ public class ApgService extends Service { Log.e(TAG, "Function method exception: " + e.getMessage()); } } + + private static void writeToOutputStream(InputStream is, OutputStream os) throws IOException { + byte[] buffer = new byte[8]; + int len = 0; + while( (len = is.read(buffer)) != -1) { + os.write(buffer, 0, len); + } + } private static Cursor getKeyEntries(HashMap<String, Object> pParams) { SQLiteQueryBuilder qb = new SQLiteQueryBuilder(); @@ -304,6 +324,16 @@ public class ApgService extends Service { } } } + + if(pFunction.equals(call.encrypt_with_passphrase.name()) || + pFunction.equals(call.encrypt_with_public_key.name()) || + pFunction.equals(call.decrypt.name())) { + // check that either MESSAGE or BLOB are there + if( !pArgs.containsKey(arg.MESSAGE.name()) && !pArgs.containsKey(arg.BLOB.name())) { + pReturn.getStringArrayList(ret.ERRORS.name()).add("Arguments missing: Neither MESSAGE nor BLOG found"); + } + + } } /** @@ -378,6 +408,7 @@ public class ApgService extends Service { } private boolean encrypt(Bundle pArgs, Bundle pReturn) { + boolean isBlob = pArgs.containsKey(arg.BLOB.name()); long pubMasterKeys[] = {}; if (pArgs.containsKey(arg.PUBLIC_KEYS.name())) { @@ -391,7 +422,17 @@ public class ApgService extends Service { pubMasterKeys = getMasterKey(pubKeys, pReturn); } - InputStream inStream = new ByteArrayInputStream(pArgs.getString(arg.MESSAGE.name()).getBytes()); + InputStream inStream = null; + if(isBlob) { + ContentResolver cr = getContentResolver(); + try { + inStream = cr.openInputStream(Uri.parse(pArgs.getString(arg.BLOB.name()))); + } catch (Exception e) { + Log.e(TAG, "... exception on opening blob", e); + } + } else { + inStream = new ByteArrayInputStream(pArgs.getString(arg.MESSAGE.name()).getBytes()); + } InputData in = new InputData(inStream, 0); // XXX Size second param? OutputStream out = new ByteArrayOutputStream(); @@ -427,7 +468,18 @@ public class ApgService extends Service { return false; } if( LOCAL_LOGV ) Log.v(TAG, "Encrypted"); - pReturn.putString(ret.RESULT.name(), out.toString()); + if(isBlob) { + ContentResolver cr = getContentResolver(); + try { + OutputStream outStream = cr.openOutputStream(Uri.parse(pArgs.getString(arg.BLOB.name()))); + writeToOutputStream(new ByteArrayInputStream(out.toString().getBytes()), outStream); + outStream.close(); + } catch (Exception e) { + Log.e(TAG, "... exception on writing blob", e); + } + } else { + pReturn.putString(ret.RESULT.name(), out.toString()); + } return true; } @@ -481,11 +533,24 @@ public class ApgService extends Service { if (!prepareArgs("decrypt", pArgs, pReturn)) { return false; } + + boolean isBlob = pArgs.containsKey(arg.BLOB.name()); String passphrase = pArgs.getString(arg.SYMMETRIC_PASSPHRASE.name()) != null ? pArgs.getString(arg.SYMMETRIC_PASSPHRASE.name()) : pArgs .getString(arg.PRIVATE_KEY_PASSPHRASE.name()); - InputStream inStream = new ByteArrayInputStream(pArgs.getString(arg.MESSAGE.name()).getBytes()); + InputStream inStream = null; + if(isBlob) { + ContentResolver cr = getContentResolver(); + try { + inStream = cr.openInputStream(Uri.parse(pArgs.getString(arg.BLOB.name()))); + } catch (Exception e) { + Log.e(TAG, "... exception on opening blob", e); + } + } else { + inStream = new ByteArrayInputStream(pArgs.getString(arg.MESSAGE.name()).getBytes()); + } + InputData in = new InputData(inStream, 0); // XXX what size in second parameter? OutputStream out = new ByteArrayOutputStream(); if( LOCAL_LOGV ) Log.v(TAG, "About to decrypt"); @@ -508,9 +573,20 @@ public class ApgService extends Service { } return false; } - if( LOCAL_LOGV ) Log.v(TAG, "Decrypted"); - - pReturn.putString(ret.RESULT.name(), out.toString()); + if( LOCAL_LOGV ) Log.v(TAG, "... decrypted"); + + if(isBlob) { + ContentResolver cr = getContentResolver(); + try { + OutputStream outStream = cr.openOutputStream(Uri.parse(pArgs.getString(arg.BLOB.name()))); + writeToOutputStream(new ByteArrayInputStream(out.toString().getBytes()), outStream); + outStream.close(); + } catch (Exception e) { + Log.e(TAG, "... exception on writing blob", e); + } + } else { + pReturn.putString(ret.RESULT.name(), out.toString()); + } return true; } |