Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependencies #536

Merged
merged 6 commits into from
May 23, 2024
Merged

Update dependencies #536

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
ab54805
Update dependencies
SailReal May 3, 2024
f82f151
Update dependencies and migrate to Jetpack view binding
SailReal May 22, 2024
454d872
Fix GitHub build
SailReal May 22, 2024
769dae1
Fix build requirement in README
SailReal May 22, 2024
58f0dac
Fix unlock on Android 14 devices
SailReal May 23, 2024
d569d0c
Reorder permission
SailReal May 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,6 @@ jobs:
fetch-depth: 0
- uses: actions/setup-java@v1
with:
java-version: 11
java-version: 17
- name: Build and Test
run: bash ./gradlew clean test --stacktrace
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ Cryptomator for Android is currently available in the following distribution ch
### Dependencies

* Git
* JDK 11
* JDK 17
* Gradle

### Run Git and Gradle
Expand Down
8 changes: 3 additions & 5 deletions build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,14 @@
apply from: 'buildsystem/dependencies.gradle'
apply plugin: "com.vanniktech.android.junit.jacoco"
JaniruTEC marked this conversation as resolved.
Show resolved Hide resolved

buildscript {
ext.kotlin_version = '1.7.20'
ext.kotlin_version = '1.9.24'
repositories {
mavenCentral()
google()
}
dependencies {
classpath 'com.android.tools.build:gradle:7.4.2'
classpath 'org.greenrobot:greendao-gradle-plugin:3.3.0'
classpath 'com.vanniktech:gradle-android-junit-jacoco-plugin:0.16.0'
classpath 'com.android.tools.build:gradle:8.4.1'
classpath 'org.greenrobot:greendao-gradle-plugin:3.3.1'
classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
classpath "de.mannodermaus.gradle.plugins:android-junit5:1.7.1.1"
}
Expand Down
8 changes: 4 additions & 4 deletions buildsystem/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,9 @@ RUN apt-get update -y && apt-get install -y apt-utils wget git unzip
RUN apt-get update -y && apt-get install -y $(cat docker/dependencies.txt)
RUN docker/print-versions.sh docker/dependencies.txt

ENV ANDROID_COMMAND_LINE_TOOLS_FILENAME commandlinetools-linux-9477386_latest.zip
ENV ANDROID_API_LEVELS android-33
ENV ANDROID_BUILD_TOOLS_VERSION 33.0.2
ENV ANDROID_COMMAND_LINE_TOOLS_FILENAME commandlinetools-linux-10406996_latest.zip
ENV ANDROID_API_LEVELS android-34
ENV ANDROID_BUILD_TOOLS_VERSION 34.0.0

ENV ANDROID_HOME /usr/local/android-sdk-linux
ENV PATH ${PATH}:${ANDROID_HOME}/tools:${ANDROID_HOME}/platform-tools:${ANDROID_HOME}/cmdline-tools/bin
Expand All @@ -35,6 +35,6 @@ RUN yes | sdkmanager --update --sdk_root="${ANDROID_HOME}"
RUN yes | sdkmanager --sdk_root="${ANDROID_HOME}" "platforms;${ANDROID_API_LEVELS}" "build-tools;${ANDROID_BUILD_TOOLS_VERSION}"

RUN yes | sdkmanager --licenses --sdk_root="${ANDROID_HOME}"
RUN update-java-alternatives -s java-1.11.0-openjdk-amd64
RUN update-java-alternatives -s java-1.17.0-openjdk-amd64

RUN rm -rf ${ANDROID_HOME}/tools
41 changes: 20 additions & 21 deletions buildsystem/dependencies.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,10 +37,10 @@ allprojects {
}

ext {
androidBuildToolsVersion = "33.0.2"
androidBuildToolsVersion = "34.0.0"
androidMinSdkVersion = 26
androidTargetSdkVersion = 33
androidCompileSdkVersion = 33
androidTargetSdkVersion = 34
androidCompileSdkVersion = 34

// android and java libs
androidVersion = '4.1.1.4'
Expand All @@ -60,18 +60,18 @@ ext {
rxAndroidVersion = '2.1.1'
rxBindingVersion = '2.2.0'

daggerVersion = '2.45'
daggerVersion = '2.51.1'

gsonVersion = '2.10.1'
gsonVersion = '2.11.0'

okHttpVersion = '4.10.0'
okHttpDigestVersion = '3.0'
okHttpVersion = '4.12.0'
okHttpDigestVersion = '3.1.0'

velocityVersion = '2.3'

timberVersion = '5.0.1'

zxcvbnVersion = '1.7.0'
zxcvbnVersion = '1.9.0'

scaleImageViewVersion = '3.10.1-dev.0002'

Expand All @@ -83,7 +83,7 @@ ext {
// cloud provider libs
cryptolibVersion = '2.1.2'

dropboxVersion = '5.4.4'
dropboxVersion = '7.0.0'

googleApiServicesVersion = 'v3-rev20220508-1.32.1'
googlePlayServicesVersion = '19.2.0'
Expand All @@ -93,20 +93,20 @@ ext {
msgraphVersion = '5.47.0'
msgraphAuthVersion = '4.0.5' // contains com.microsoft.identity:common lib which added opentelemetry in 9.0.0, do we need to fork another lib before updating to >=4.2.0 ???

minIoVersion = '8.5.2'
minIoVersion = '8.5.10'
pcloudVersion = '1.9.2-dev.0001'
staxVersion = '1.2.0' // needed for minIO

commonsCodecVersion = '1.15'
commonsCodecVersion = '1.17.0'

recyclerViewFastScrollVersion = '2.0.1'

// testing dependencies

jUnitVersion = '5.9.2'
jUnitVersion = '5.10.2'
assertJVersion = '1.7.1'
mockitoVersion = '5.1.1'
mockitoKotlinVersion = '4.1.0'
mockitoVersion = '5.12.0'
mockitoKotlinVersion = '5.3.1'
mockitoInlineVersion = '5.2.0'
hamcrestVersion = '1.3'
dexmakerVersion = '1.0'
espressoVersion = '3.4.0'
Expand All @@ -128,7 +128,7 @@ ext {
androidxTestCoreVersion = '1.4.0'
androidxSplashscreenVersion = '1.0.0-rc01'

jsonWebTokenApiVersion = '0.11.5'
jsonWebTokenVersion = '4.4.0'

dependencies = [
android : "com.google.android:android:${androidVersion}",
Expand All @@ -151,7 +151,8 @@ ext {
daggerCompiler : "com.google.dagger:dagger-compiler:${daggerVersion}",
design : "com.google.android.material:material:${androidMaterialDesignVersion}",
coreDesugaring : "com.android.tools:desugar_jdk_libs:${coreDesugaringVersion}",
dropbox : "com.dropbox.core:dropbox-core-sdk:${dropboxVersion}",
dropboxCore : "com.dropbox.core:dropbox-core-sdk:${dropboxVersion}",
dropboxAndroid : "com.dropbox.core:dropbox-android-sdk:${dropboxVersion}",
JaniruTEC marked this conversation as resolved.
Show resolved Hide resolved
espresso : "androidx.test.espresso:espresso-core:${espressoVersion}",
googleApiClientAndroid : "com.google.api-client:google-api-client-android:${googleClientVersion}",
googleApiServicesDrive : "com.google.apis:google-api-services-drive:${googleApiServicesVersion}",
Expand All @@ -169,7 +170,7 @@ ext {
junit4Engine : "org.junit.vintage:junit-vintage-engine:${jUnitVersion}",
minIo : "io.minio:minio:${minIoVersion}",
mockito : "org.mockito:mockito-core:${mockitoVersion}",
mockitoInline : "org.mockito:mockito-inline:${mockitoVersion}",
mockitoInline : "org.mockito:mockito-inline:${mockitoInlineVersion}",
mockitoKotlin : "org.mockito.kotlin:mockito-kotlin:${mockitoKotlinVersion}",
msgraph : "com.microsoft.graph:microsoft-graph:${msgraphVersion}",
msgraphAuth : "com.microsoft.identity.client:msal:${msgraphAuthVersion}",
Expand All @@ -192,9 +193,7 @@ ext {
zxcvbn : "com.nulab-inc:zxcvbn:${zxcvbnVersion}",
scaleImageView : "com.github.cryptomator:subsampling-scale-image-view:${scaleImageViewVersion}",
lruFileCache : "com.github.solkin:disk-lru-cache:${lruFileCacheVersion}",
jsonWebTokenApi : "io.jsonwebtoken:jjwt-api:${jsonWebTokenApiVersion}",
jsonWebTokenImpl : "io.jsonwebtoken:jjwt-impl:${jsonWebTokenApiVersion}",
jsonWebTokenJson : "io.jsonwebtoken:jjwt-orgjson:${jsonWebTokenApiVersion}"
jsonWebToken : "com.auth0:java-jwt:${jsonWebTokenVersion}"
]

}
2 changes: 1 addition & 1 deletion buildsystem/docker/dependencies.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
openjdk-11-jdk=11.0.16+8-1
openjdk-17-jdk=17.0.11+9-1
2 changes: 1 addition & 1 deletion buildsystem/docker/sources.list
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# From https://github.com/signalapp/Signal-Android

#deb http://snapshot.debian.org/archive/debian-security/20220816T110409Z/ bullseye/updates main
deb http://snapshot.debian.org/archive/debian/20220816T041409Z/ unstable main
deb http://snapshot.debian.org/archive/debian/20240522T144944Z/ unstable main
18 changes: 10 additions & 8 deletions data/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,8 @@ android {
}

compileOptions {
sourceCompatibility JavaVersion.VERSION_1_8
targetCompatibility JavaVersion.VERSION_1_8
sourceCompatibility JavaVersion.VERSION_17
targetCompatibility JavaVersion.VERSION_17
JaniruTEC marked this conversation as resolved.
Show resolved Hide resolved

coreLibraryDesugaringEnabled true
}
Expand Down Expand Up @@ -118,14 +118,16 @@ dependencies {
annotationProcessor dependencies.daggerCompiler
implementation dependencies.dagger

api dependencies.jsonWebTokenApi
implementation dependencies.jsonWebTokenImpl
implementation dependencies.jsonWebTokenJson
implementation dependencies.jsonWebToken

// cloud
playstoreImplementation dependencies.dropbox
apkstoreImplementation dependencies.dropbox
fdroidImplementation dependencies.dropbox
playstoreImplementation dependencies.dropboxCore
playstoreImplementation dependencies.dropboxAndroid
apkstoreImplementation dependencies.dropboxCore
apkstoreImplementation dependencies.dropboxAndroid
fdroidImplementation dependencies.dropboxCore
fdroidImplementation dependencies.dropboxAndroid


playstoreImplementation dependencies.msgraphAuth
apkstoreImplementation dependencies.msgraphAuth
Expand Down
2 changes: 1 addition & 1 deletion data/src/apiKey/java/org/cryptomator/data/cloud/dropbox/DropboxCloudNodeFactory.kt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ import com.dropbox.core.v2.files.Metadata
internal object DropboxCloudNodeFactory {

fun from(parent: DropboxFolder, metadata: FileMetadata): DropboxFile {
return DropboxFile(parent, metadata.name, metadata.pathDisplay, metadata.size, metadata.clientModified)
return DropboxFile(parent, metadata.name, metadata.pathLower!!, metadata.size, metadata.clientModified)
}

@JvmStatic
Expand Down
101 changes: 43 additions & 58 deletions data/src/main/java/org/cryptomator/data/cloud/crypto/VaultConfig.kt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,24 +1,18 @@
package org.cryptomator.data.cloud.crypto

import com.auth0.jwt.JWT
import com.auth0.jwt.algorithms.Algorithm
import com.auth0.jwt.exceptions.InvalidClaimException
import com.auth0.jwt.exceptions.JWTVerificationException
import com.auth0.jwt.exceptions.SignatureVerificationException
import com.auth0.jwt.interfaces.DecodedJWT
import org.cryptomator.cryptolib.api.CryptorProvider
import org.cryptomator.domain.UnverifiedVaultConfig
import org.cryptomator.domain.exception.vaultconfig.VaultConfigLoadException
import org.cryptomator.domain.exception.vaultconfig.VaultKeyInvalidException
import org.cryptomator.domain.exception.vaultconfig.VaultVersionMismatchException
import java.net.URI
import java.security.Key
import java.util.UUID
import io.jsonwebtoken.Claims
import io.jsonwebtoken.IncorrectClaimException
import io.jsonwebtoken.JwsHeader
import io.jsonwebtoken.JwtException
import io.jsonwebtoken.Jwts
import io.jsonwebtoken.MissingClaimException
import io.jsonwebtoken.SignatureAlgorithm
import io.jsonwebtoken.SigningKeyResolverAdapter
import io.jsonwebtoken.security.Keys
import io.jsonwebtoken.security.SignatureException
import kotlin.properties.Delegates

class VaultConfig private constructor(builder: VaultConfigBuilder) {

Expand All @@ -29,14 +23,13 @@ class VaultConfig private constructor(builder: VaultConfigBuilder) {
val shorteningThreshold: Int

fun toToken(rawKey: ByteArray): String {
return Jwts.builder()
.setHeaderParam(JSON_KEY_ID, keyId.toASCIIString()) //
.setId(id) //
.claim(JSON_KEY_VAULTFORMAT, vaultFormat) //
.claim(JSON_KEY_CIPHERCONFIG, cipherCombo.name) //
.claim(JSON_KEY_SHORTENING_THRESHOLD, shorteningThreshold) //
.signWith(Keys.hmacShaKeyFor(rawKey), SignatureAlgorithm.HS256) //
.compact()
return JWT.create() //
.withKeyId(keyId.toString()) //
JaniruTEC marked this conversation as resolved.
Show resolved Hide resolved
.withJWTId(id) //
.withClaim(JSON_KEY_VAULTFORMAT, vaultFormat) //
.withClaim(JSON_KEY_CIPHERCONFIG, cipherCombo.name) //
.withClaim(JSON_KEY_SHORTENING_THRESHOLD, shorteningThreshold) //
.sign(Algorithm.HMAC256(rawKey))
}

class VaultConfigBuilder {
Expand Down Expand Up @@ -87,42 +80,46 @@ class VaultConfig private constructor(builder: VaultConfigBuilder) {
@JvmStatic
@Throws(VaultConfigLoadException::class)
fun decode(token: String): UnverifiedVaultConfig {
val unverifiedSigningKeyResolver = UnverifiedSigningKeyResolver()

// At this point we can't verify the signature because we don't have the masterkey yet.
try {
Jwts.parserBuilder().setSigningKeyResolver(unverifiedSigningKeyResolver).build().parse(token)
} catch (e: IllegalArgumentException) {
return UnverifiedVaultConfig(token, unverifiedSigningKeyResolver.keyId, unverifiedSigningKeyResolver.vaultFormat)
}
throw VaultConfigLoadException("Failed to load vaultconfig")
val unverifiedJwt = JWT.decode(token)
val vaultFormat = unverifiedJwt.getClaim(JSON_KEY_VAULTFORMAT).asInt()
val keyId = URI.create(unverifiedJwt.keyId)
return UnverifiedVaultConfig(token, keyId, vaultFormat)
}

@JvmStatic
@Throws(VaultKeyInvalidException::class, VaultVersionMismatchException::class, VaultConfigLoadException::class)
fun verify(rawKey: ByteArray, unverifiedVaultConfig: UnverifiedVaultConfig): VaultConfig {
return try {
val parser = Jwts //
.parserBuilder() //
.setSigningKey(rawKey) //
.require(JSON_KEY_VAULTFORMAT, unverifiedVaultConfig.vaultFormat) //
.build() //
.parseClaimsJws(unverifiedVaultConfig.jwt)
val unverifiedJwt = JWT.decode(unverifiedVaultConfig.jwt)
val verifier = JWT.require(initAlgorithm(rawKey, unverifiedJwt)) //
.withClaim(JSON_KEY_VAULTFORMAT, unverifiedVaultConfig.vaultFormat) //
.build()
val verifiedJwt = verifier.verify(unverifiedJwt)

val vaultConfigBuilder = createVaultConfig() //
.keyId(unverifiedVaultConfig.keyId)
.id(parser.header[JSON_KEY_ID] as String) //
.cipherCombo(CryptorProvider.Scheme.valueOf(parser.body.get(JSON_KEY_CIPHERCONFIG, String::class.java))) //
.vaultFormat(unverifiedVaultConfig.vaultFormat) //
.shorteningThreshold(parser.body[JSON_KEY_SHORTENING_THRESHOLD] as Int)
.keyId(URI.create(verifiedJwt.keyId)) //
.id(verifiedJwt.getHeaderClaim(JSON_KEY_ID).asString()) //
.cipherCombo(CryptorProvider.Scheme.valueOf(verifiedJwt.getClaim(JSON_KEY_CIPHERCONFIG).asString())) //
.vaultFormat(verifiedJwt.getClaim(JSON_KEY_VAULTFORMAT).asInt()) //
.shorteningThreshold(verifiedJwt.getClaim(JSON_KEY_SHORTENING_THRESHOLD).asInt()) //

VaultConfig(vaultConfigBuilder)
} catch (e: JwtException) {
when (e) {
is MissingClaimException, is IncorrectClaimException -> throw VaultVersionMismatchException("Vault config not for version " + unverifiedVaultConfig.vaultFormat)
is SignatureException -> throw VaultKeyInvalidException()
else -> throw VaultConfigLoadException(e)
}
} catch (e: SignatureVerificationException) {
throw VaultKeyInvalidException()
} catch (e: InvalidClaimException) {
throw VaultVersionMismatchException("Vault config not for version $unverifiedVaultConfig.vaultFormat")
} catch (e: JWTVerificationException) {
throw VaultConfigLoadException("Failed to verify vault config")
}
}

@Throws(VaultConfigLoadException::class)
private fun initAlgorithm(rawKey: ByteArray, jwt: DecodedJWT): Algorithm {
return when (val algo = jwt.algorithm) {
"HS256" -> Algorithm.HMAC256(rawKey)
"HS384" -> Algorithm.HMAC384(rawKey)
"HS512" -> Algorithm.HMAC512(rawKey)
else -> throw VaultConfigLoadException("Unsupported signature algorithm: $algo")
}
}

Expand All @@ -132,18 +129,6 @@ class VaultConfig private constructor(builder: VaultConfigBuilder) {
}
}

private class UnverifiedSigningKeyResolver : SigningKeyResolverAdapter() {

lateinit var keyId: URI
var vaultFormat: Int by Delegates.notNull()

override fun resolveSigningKey(jwsHeader: JwsHeader<*>, claims: Claims): Key? {
keyId = URI.create(jwsHeader.keyId)
vaultFormat = claims[JSON_KEY_VAULTFORMAT] as Int
return null
}
}

init {
id = builder.id
keyId = builder.keyId
Expand Down
Loading
Loading