Add auth protection for ssh key export

We use a builtin keyguard for ssh key export protection on Android. This protection works only if some protection is set on the phone. https://developer.android.com/reference/android/app/KeyguardManager#isDeviceSecure()
2022-09-19 12:27:33 +03:00 · 2022-09-19 12:27:33 +03:00 · d93be76505
commit d93be76505
parent 5fff65db5a
3 changed files with 88 additions and 0 deletions
--- a/client/ui/pages_logic/ServerSettingsLogic.cpp
+++ b/client/ui/pages_logic/ServerSettingsLogic.cpp
@ -10,6 +10,12 @@
 #include <core/servercontroller.h>
 #include <QTimer>

+#if defined(Q_OS_ANDROID)
+#include <QAndroidJniObject>
+#include <QAndroidJniEnvironment>
+#include <QtAndroid>
+#endif
+
 ServerSettingsLogic::ServerSettingsLogic(UiLogic *logic, QObject *parent):
    PageLogicBase(logic, parent),
    m_labelWaitInfoVisible{true},
@ -126,8 +132,41 @@ void ServerSettingsLogic::onLineEditDescriptionEditingFinished()
    uiLogic()->onUpdateAllPages();
 }

+#if defined(Q_OS_ANDROID)
+/* Auth result handler for Android */
+void authResultReceiver::handleActivityResult(int receiverRequestCode, int resultCode, const QAndroidJniObject &data)
+{
+    qDebug() << "receiverRequestCode" << receiverRequestCode << "resultCode" << resultCode;
+
+    if (resultCode == -1) { //ResultOK
+        uiLogic()->pageLogic<ShareConnectionLogic>()->updateSharingPage(m_serverIndex, DockerContainer::None);
+        emit uiLogic()->goToShareProtocolPage(Proto::Any);
+    }
+}
+#endif
+
 void ServerSettingsLogic::onPushButtonShareFullClicked()
 {
+#if defined(Q_OS_ANDROID)
+/* We use builtin keyguard for ssh key export protection on Android */
+    auto appContext = QtAndroid::androidActivity().callObjectMethod(
+        "getApplicationContext", "()Landroid/content/Context;");
+    if (appContext.isValid()) {
+        QAndroidActivityResultReceiver *receiver = new authResultReceiver(uiLogic(), uiLogic()->selectedServerIndex);
+        auto intent = QAndroidJniObject::callStaticObjectMethod(
+               "org/amnezia/vpn/AuthHelper", "getAuthIntent",
+               "(Landroid/content/Context;)Landroid/content/Intent;", appContext.object());
+        if (intent.isValid()) {
+            if (intent.object<jobject>() != nullptr) {
+                    QtAndroid::startActivity(intent.object<jobject>(), 1, receiver);
+                }
+            } else {
+            uiLogic()->pageLogic<ShareConnectionLogic>()->updateSharingPage(uiLogic()->selectedServerIndex, DockerContainer::None);
+            emit uiLogic()->goToShareProtocolPage(Proto::Any);
+        }
+    }
+#else
    uiLogic()->pageLogic<ShareConnectionLogic>()->updateSharingPage(uiLogic()->selectedServerIndex, DockerContainer::None);
    emit uiLogic()->goToShareProtocolPage(Proto::Any);
+#endif
 }