Initial (re-)release

Re-releasing Sieve.

With major thanks to Ken Gannon @ NCC Group.

Co-Authored-By: Ken Gannon <10925671+yogehi@users.noreply.github.com>

.gitignore

@@ -0,0 +1,33 @@
+# Gradle files
+.gradle/
+build/
+
+# Local configuration file (sdk path, etc)
+local.properties
+
+# Log/OS Files
+*.log
+
+# Android Studio generated files and folders
+captures/
+.externalNativeBuild/
+.cxx/
+*.apk
+output.json
+
+# IntelliJ
+*.iml
+.idea/
+misc.xml
+deploymentTargetDropDown.xml
+render.experimental.xml
+
+# Keystore files
+*.jks
+*.keystore
+
+# Google Services (e.g. APIs or Firebase)
+google-services.json
+
+# Android Profiling
+*.hprof

app/.gitignore

@@ -0,0 +1 @@
+/build

app/build.gradle.kts

@@ -0,0 +1,59 @@
+plugins {
+    id("com.android.application")
+}
+
+android {
+    namespace = "com.withsecure.example.sieve"
+    compileSdk = 34
+
+    defaultConfig {
+        applicationId = "com.withsecure.example.sieve"
+        minSdk = 17
+        targetSdk = 28
+        versionCode = 1
+        versionName = "1.0"
+
+        testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
+
+        externalNativeBuild {
+            cmake {
+                cppFlags("-std=c++11")
+                abiFilters("armeabi-v7a", "arm64-v8a", "x86", "x86_64")
+                arguments("-DANDROID_STL=c++_shared")
+            }
+        }
+    }
+
+    buildTypes {
+        release {
+            isMinifyEnabled = false
+            proguardFiles(
+                getDefaultProguardFile("proguard-android-optimize.txt"),
+                "proguard-rules.pro"
+            )
+        }
+    }
+    compileOptions {
+        sourceCompatibility = JavaVersion.VERSION_1_8
+        targetCompatibility = JavaVersion.VERSION_1_8
+    }
+    externalNativeBuild {
+        cmake {
+            path = file("src/main/cpp/CMakeLists.txt")
+            version = "3.22.1"
+        }
+    }
+    buildFeatures {
+        viewBinding = true
+    }
+}
+
+dependencies {
+
+    implementation("androidx.appcompat:appcompat:1.6.1")
+    implementation("com.google.android.material:material:1.10.0")
+    implementation("androidx.constraintlayout:constraintlayout:2.1.4")
+    testImplementation("junit:junit:4.13.2")
+    androidTestImplementation("androidx.test.ext:junit:1.1.5")
+    androidTestImplementation("androidx.test.espresso:espresso-core:3.5.1")
+}

app/proguard-rules.pro

@@ -0,0 +1,21 @@
+# Add project specific ProGuard rules here.
+# You can control the set of applied configuration files using the
+# proguardFiles setting in build.gradle.
+#
+# For more details, see
+#   http://developer.android.com/guide/developing/tools/proguard.html
+
+# If your project uses WebView with JS, uncomment the following
+# and specify the fully qualified class name to the JavaScript interface
+# class:
+#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
+#   public *;
+#}
+
+# Uncomment this to preserve the line number information for
+# debugging stack traces.
+#-keepattributes SourceFile,LineNumberTable
+
+# If you keep the line number information, uncomment this to
+# hide the original source file name.
+#-renamesourcefileattribute SourceFile

app/src/androidTest/java/com/withsecure/example/sieve/ExampleInstrumentedTest.java

@@ -0,0 +1,26 @@
+package com.withsecure.example.sieve;
+
+import android.content.Context;
+
+import androidx.test.platform.app.InstrumentationRegistry;
+import androidx.test.ext.junit.runners.AndroidJUnit4;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import static org.junit.Assert.*;
+
+/**
+ * Instrumented test, which will execute on an Android device.
+ *
+ * @see <a href="http://d.android.com/tools/testing">Testing documentation</a>
+ */
+@RunWith(AndroidJUnit4.class)
+public class ExampleInstrumentedTest {
+    @Test
+    public void useAppContext() {
+        // Context of the app under test.
+        Context appContext = InstrumentationRegistry.getInstrumentation().getTargetContext();
+        assertEquals("com.withsecure.example.sieve", appContext.getPackageName());
+    }
+}

app/src/main/AndroidManifest.xml

@@ -0,0 +1,112 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:tools="http://schemas.android.com/tools">
+
+    <uses-permission android:name="android.permission.POST_NOTIFICATIONS" />
+    <uses-permission android:name="android.permission.INTERNET"/>
+    <permission android:name="com.withsecure.example.sieve.READ_KEYS" android:protectionLevel="dangerous"/>
+    <permission android:name="com.withsecure.example.sieve.WRITE_KEYS" android:protectionLevel="dangerous"/>
+
+    <application
+        android:allowBackup="true"
+        android:dataExtractionRules="@xml/data_extraction_rules"
+        android:fullBackupContent="@xml/backup_rules"
+        android:icon="@mipmap/ic_launcher"
+        android:label="@string/app_name"
+        android:supportsRtl="true"
+        android:theme="@style/Theme.Sieve"
+        tools:targetApi="31"
+        android:debuggable="true"
+        tools:ignore="HardcodedDebugMode">
+
+        <activity
+            android:label="@string/app_name"
+            android:name="com.withsecure.example.sieve.activity.MainLoginActivity"
+            android:launchMode="singleTask"
+            android:windowSoftInputMode="adjustResize|stateVisible"
+            android:exported="true">
+            <intent-filter>
+                <action android:name="android.intent.action.MAIN"/>
+                <category android:name="android.intent.category.LAUNCHER"/>
+            </intent-filter>
+        </activity>
+
+        <activity
+            android:label="@string/title_activity_file_select"
+            android:name="com.withsecure.example.sieve.activity.FileSelectActivity"
+            android:exported="true"
+            android:clearTaskOnLaunch="true" />
+
+        <activity android:label="@string/title_activity_pwlist"
+            android:name="com.withsecure.example.sieve.activity.PWList"
+            android:exported="true"
+            android:clearTaskOnLaunch="true"
+            />
+
+        <activity
+            android:label="@string/title_activity_settings"
+            android:name="com.withsecure.example.sieve.activity.SettingsActivity"
+            android:clearTaskOnLaunch="true"
+            />
+
+        <activity
+            android:label="@string/title_activity_add_entry"
+            android:name="com.withsecure.example.sieve.activity.AddEntryActivity"
+            android:clearTaskOnLaunch="true"
+            />
+
+        <activity
+            android:label="@string/title_activity_short_login"
+            android:name="com.withsecure.example.sieve.activity.ShortLoginActivity"
+            android:clearTaskOnLaunch="true"
+            />
+
+        <activity
+            android:label="@string/title_activity_welcome"
+            android:name="com.withsecure.example.sieve.activity.WelcomeActivity"
+            android:clearTaskOnLaunch="true"
+            />
+
+        <activity
+            android:label="@string/title_activity_pin"
+            android:name="com.withsecure.example.sieve.activity.PINActivity"
+            android:clearTaskOnLaunch="true"
+            />
+
+        <service
+            android:name="com.withsecure.example.sieve.service.AuthService"
+            android:exported="true" android:process=":remote"
+            />
+
+        <service
+            android:name="com.withsecure.example.sieve.service.CryptoService"
+            android:exported="true"
+            android:process=":remote"
+            />
+
+        <provider
+            android:name="com.withsecure.example.sieve.provider.DBContentProvider"
+            android:exported="true"
+            android:multiprocess="true"
+            android:authorities="com.withsecure.example.sieve.provider.DBContentProvider">
+            <path-permission
+                android:readPermission="com.withsecure.example.sieve.READ_KEYS"
+                android:writePermission="com.withsecure.example.sieve.WRITE_KEYS"
+                android:path="/Keys"
+                />
+            <path-permission
+                android:readPermission="com.withsecure.example.sieve.READ_KEYS"
+                android:writePermission="com.withsecure.example.sieve.WRITE_KEYS"
+                android:path="/Keys/*"
+                />
+        </provider>
+
+        <provider
+            android:name="com.withsecure.example.sieve.provider.FileBackupProvider"
+            android:exported="true"
+            android:multiprocess="true"
+            android:authorities="com.withsecure.example.sieve.provider.FileBackupProvider"/>
+
+    </application>
+
+</manifest>

app/src/main/cpp/CMakeLists.txt

@@ -0,0 +1,44 @@
+# For more information about using CMake with Android Studio, read the
+# documentation: https://d.android.com/studio/projects/add-native-code.html.
+# For more examples on how to use CMake, see https://github.com/android/ndk-samples.
+
+# Sets the minimum CMake version required for this project.
+cmake_minimum_required(VERSION 3.22.1)
+
+# Declares the project name. The project name can be accessed via ${ PROJECT_NAME},
+# Since this is the top level CMakeLists.txt, the project name is also accessible
+# with ${CMAKE_PROJECT_NAME} (both CMake variables are in-sync within the top level
+# build script scope).
+project("sieve")
+
+# Creates and names a library, sets it as either STATIC
+# or SHARED, and provides the relative paths to its source code.
+# You can define multiple libraries, and CMake builds them for you.
+# Gradle automatically packages shared libraries with your APK.
+#
+# In this top level CMakeLists.txt, ${CMAKE_PROJECT_NAME} is used to define
+# the target library name; in the sub-module's CMakeLists.txt, ${PROJECT_NAME}
+# is preferred for the same purpose.
+#
+# In order to load a library into your app from Java/Kotlin, you must call
+# System.loadLibrary() and pass the name of the library defined here;
+# for GameActivity/NativeActivity derived applications, the same library name must be
+# used in the AndroidManifest.xml file.
+add_library(
+        # Sets the name of the library.
+        ${CMAKE_PROJECT_NAME}
+        # Sets the library as a shared library.
+        SHARED
+        # List C/C++ source files with relative paths to this CMakeLists.txt.
+        native-lib.cpp
+)
+
+# Specifies libraries CMake should link to your target library. You
+# can link libraries from various origins, such as libraries defined in this
+# build script, prebuilt third-party libraries, or Android system libraries.
+target_link_libraries(${CMAKE_PROJECT_NAME}
+        # List libraries link to the target library
+        android
+        log)
+
+set(CMAKE_CXX_STANDARD 11)

app/src/main/cpp/native-lib.cpp

@@ -0,0 +1,88 @@
+#include <jni.h>
+#include <string>
+
+extern "C"
+JNIEXPORT jstring JNICALL
+Java_com_withsecure_example_sieve_service_CryptoService_runNDKdecrypt(JNIEnv *env, jobject thiz,
+                                                              jstring yaystrkeyyay, jbyteArray yayencryptedtextyay) {
+
+    // get the length of the result array and key
+    jsize yayencryptedlengthyay = env->GetArrayLength(yayencryptedtextyay);
+    jsize yaykeylengthyay = env->GetStringLength(yaystrkeyyay);
+
+    // get a pointer to the bytes of the result array
+    jbyte *yayencryptedcharsyay = env->GetByteArrayElements(yayencryptedtextyay, nullptr);
+    const jchar *yaykeycharsyay = env->GetStringChars(yaystrkeyyay, nullptr);
+
+    // create a new char array to store the decrypted result
+    jcharArray yaydecryptedarrayyay = env->NewCharArray(yayencryptedlengthyay);
+    jchar *yaydecryptedcharsyay = env->GetCharArrayElements(yaydecryptedarrayyay, nullptr);
+
+    // perform XOR operation on each byte of the result array
+    // iterate through result array
+    for (int i = 0; i < yayencryptedlengthyay; ++i) {
+        // iterate through key
+        for (int i2 = 0; i2 < yaykeylengthyay; ++i2) {
+            // convert the result of XOR to jchar and store in the decrypted array
+            jchar xor_key = yaykeycharsyay[i2]; // ken added
+            yaydecryptedcharsyay[i] = static_cast<jchar>(yayencryptedcharsyay[i] ^ xor_key);
+        }
+
+    }
+
+    // set the chars in the decrypted array
+    env->SetCharArrayRegion(yaydecryptedarrayyay, 0, yayencryptedlengthyay, yaydecryptedcharsyay);
+
+    // release resources
+    env->ReleaseByteArrayElements(yayencryptedtextyay, yayencryptedcharsyay, 0);
+    env->ReleaseCharArrayElements(yaydecryptedarrayyay, yaydecryptedcharsyay, 0);
+
+    // convert the decrypted array to jstring
+    jstring yaydecryptedstringyay = env->NewString(yaydecryptedcharsyay, yayencryptedlengthyay);
+
+    // return the decrypted string
+    return yaydecryptedstringyay;
+}
+
+
+extern "C"
+JNIEXPORT jbyteArray JNICALL
+Java_com_withsecure_example_sieve_service_CryptoService_runNDKencrypt(JNIEnv *env, jobject thiz,
+                                                              jstring yaystringkeyyay, jstring yayplaintextyay) {
+
+    // get the length of the input string and key
+    jsize yayplaintextlengthyay = env->GetStringLength(yayplaintextyay);
+    jsize yaykeylengthyay = env->GetStringLength(yaystringkeyyay);
+
+    // get a pointer to the characters of the input string and input key
+    const jchar *yayplaintextcharsyay = env->GetStringChars(yayplaintextyay, nullptr);
+    const jchar *yaykeycharsyay = env->GetStringChars(yaystringkeyyay, nullptr);
+
+    // create a new byte array to store the result
+    jbyteArray yayresultarrayyay = env->NewByteArray(yayplaintextlengthyay);
+
+    // get a pointer to the bytes of the result array
+    jbyte *yayresultcharsyay = env->GetByteArrayElements(yayresultarrayyay, nullptr);
+
+    // perform XOR operation on each character of the input string
+    // iterate through every character in the plaintext value
+    for (int i = 0; i < yayplaintextlengthyay; ++i) {
+        // iterate through every character in the key
+        for (int i2 = 0; i2 < yaykeylengthyay; ++i2) {
+            // convert the result of XOR to jbyte and store in the result array
+            jchar xor_key = yaykeycharsyay[i2];
+            yayresultcharsyay[i] = static_cast<jbyte>(yayplaintextcharsyay[i] ^ xor_key);
+        }
+
+    }
+
+    // set the bytes in the result array
+    env->SetByteArrayRegion(yayresultarrayyay, 0, yayplaintextlengthyay, yayresultcharsyay);
+
+    // release resources
+    env->ReleaseStringChars(yayplaintextyay, yayplaintextcharsyay);
+    env->ReleaseByteArrayElements(yayresultarrayyay, yayresultcharsyay, 0);
+
+    // return the encrypted or decrypted result array
+    return yayresultarrayyay;
+}