diff options
Diffstat (limited to 'main/src/ui')
-rw-r--r-- | main/src/ui/AndroidManifest.xml | 4 | ||||
-rw-r--r-- | main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt | 63 | ||||
-rw-r--r-- | main/src/ui/res/xml/general_settings.xml | 5 |
3 files changed, 72 insertions, 0 deletions
diff --git a/main/src/ui/AndroidManifest.xml b/main/src/ui/AndroidManifest.xml index b3bd8ecf..21241f0a 100644 --- a/main/src/ui/AndroidManifest.xml +++ b/main/src/ui/AndroidManifest.xml @@ -14,6 +14,10 @@ android:name="android.hardware.touchscreen" android:required="false" /> + <!-- This library wants SDK version 23 but we do runtime checks to not use it before + API 23 --> + <uses-sdk tools:overrideLibrary="androidx.security"/> + <application android:banner="@mipmap/banner_tv"> <activity android:exported="true" diff --git a/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt b/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt new file mode 100644 index 00000000..ad22460f --- /dev/null +++ b/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2012-2022 Arne Schwabe + * Distributed under the GNU GPL v2 with additional terms. For full terms see the file doc/LICENSE.txt + */ +package de.blinkt.openvpn.core + +import android.content.Context +import android.os.Build +import androidx.security.crypto.EncryptedFile +import androidx.security.crypto.MasterKeys +import java.io.File +import java.io.FileInputStream +import java.io.FileOutputStream +import java.io.IOException +import java.security.GeneralSecurityException + +internal class ProfileEncryption { + + companion object { + @JvmStatic + fun encryptionEnabled(): Boolean { + return mMasterKeyAlias != null + } + + private var mMasterKeyAlias: String? = null + @JvmStatic + fun initMasterCryptAlias() { + if (Build.VERSION.SDK_INT < Build.VERSION_CODES.M) + return + try { + mMasterKeyAlias = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC) + } catch (e: GeneralSecurityException) { + VpnStatus.logException("Could not initialise file encryption key.", e) + } catch (e: IOException) { + VpnStatus.logException("Could not initialise file encryption key.", e) + } + } + + @JvmStatic + @Throws(GeneralSecurityException::class, IOException::class) + fun getEncryptedVpInput(context: Context, file: File): FileInputStream { + val encryptedFile = EncryptedFile.Builder( + file, + context, + mMasterKeyAlias!!, + EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB + ).build() + return encryptedFile.openFileInput() + } + + @JvmStatic + @Throws(GeneralSecurityException::class, IOException::class) + fun getEncryptedVpOutput(context: Context, file: File): FileOutputStream { + val encryptedFile = EncryptedFile.Builder( + file, + context, + mMasterKeyAlias!!, + EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB + ).build() + return encryptedFile.openFileOutput() + } + } +}
\ No newline at end of file diff --git a/main/src/ui/res/xml/general_settings.xml b/main/src/ui/res/xml/general_settings.xml index 4f294a1a..55eedb94 100644 --- a/main/src/ui/res/xml/general_settings.xml +++ b/main/src/ui/res/xml/general_settings.xml @@ -42,6 +42,11 @@ android:summary="@string/onbootrestartsummary" android:title="@string/onbootrestart"/> + <CheckBoxPreference + android:defaultValue="true" + android:key="preferencryption" + android:title="@string/encrypt_profiles"/> + <Preference android:key="clearapi" android:persistent="false" |