android
android copied to clipboard
nextcloud
Check CSR
@AlvaroBrey it seems that with gplayDebug flavor we have:
java.lang.ClassCastException: com.google.android.gms.org.conscrypt.OpenSSLRSAPublicKey cannot be cast to org.conscrypt.OpenSSLRSAPublicKey
at com.owncloud.android.util.EncryptionTestIT.testModulus(EncryptionTestIT.java:187)
but it runs fine locally on genericDebug.
I do not see/understand why conscrypt is behaving differently on geplay/generic flavor.
@AlvaroBrey it seems that with gplayDebug flavor we have:
java.lang.ClassCastException: com.google.android.gms.org.conscrypt.OpenSSLRSAPublicKey cannot be cast to org.conscrypt.OpenSSLRSAPublicKey at com.owncloud.android.util.EncryptionTestIT.testModulus(EncryptionTestIT.java:187)but it runs fine locally on genericDebug.
I do not see/understand why conscrypt is behaving differently on geplay/generic flavor.
At this line: http://github.com/nextcloud/android/blob/71f16d6e978141d58a6d92d5ee3616ddcae13379/app/src/main/java/com/owncloud/android/utils/EncryptionUtils.java#L690-L690 , KeyPairGenerator.getInstance returns different classes (org.conscrypt... in generic, com.android.gms.org.conscrypt... in gplay).
We install the Conscrypt provider here in MainApp. But in the gplay flavor, ProviderInstaller is called later, installing the gms provider and overriding the previous one.
ProviderInstaller installs up-to-date conscrypt security providers patched by Google Services regularly (documentation).
The solution to all this should be to use the RSAPublicKey interface instead of the implementation-specific OpenSSLRSAPublicKey. Pushed 19c60959cfe6c7bb6157808f6334cea5271685ce to do just that, let's see how that goes.
Codacy
Lint
| Type | master | PR |
| Warnings | 85 | 85 |
| Errors | 0 | 0 |
SpotBugs
| Category | Base | New |
|---|---|---|
| Bad practice | 29 | 29 |
| Correctness | 46 | 46 |
| Dodgy code | 354 | 354 |
| Experimental | 1 | 1 |
| Internationalization | 9 | 9 |
| Multithreaded correctness | 9 | 9 |
| Performance | 58 | 58 |
| Security | 28 | 28 |
| Total | 534 | 534 |
Android-library is not set to master branch in build.gradle
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
APK file: https://www.kaminsky.me/nc-dev/android-artifacts/10713.apk
To test this change/fix you can simply download above APK file and install and test it in parallel to your existing Nextcloud app.
stable-IT test failed: https://www.kaminsky.me/nc-dev/android-integrationTests/5915-IT-stable-08-18
master-IT test failed: https://www.kaminsky.me/nc-dev/android-integrationTests/5915-IT-master-08-20
Exception is java.lang.ClassCastException: com.google.android.gms.org.conscrypt.OpenSSLRSAPublicKey cannot be cast to org.conscrypt.OpenSSLRSAPublicKey, we already saw this in a previous test, it needs to be the common interface instead
Exception is
java.lang.ClassCastException: com.google.android.gms.org.conscrypt.OpenSSLRSAPublicKey cannot be cast to org.conscrypt.OpenSSLRSAPublicKey, we already saw this in a previous test, it needs to be the common interface instead
Fixed in https://github.com/nextcloud/android/pull/10713/commits/59b225feccc739db3f463b6ebb824c1e3ac7c92a
blue-Light-IT test failed: https://www.kaminsky.me/nc-dev/android-integrationTests/10713-Screenshot-blue-Light-08-36
Codacy
Lint
| Type | master | PR |
| Warnings | 82 | 82 |
| Errors | 0 | 0 |
SpotBugs
| Category | Base | New |
|---|---|---|
| Bad practice | 27 | 27 |
| Correctness | 44 | 44 |
| Dodgy code | 335 | 335 |
| Internationalization | 9 | 9 |
| Multithreaded correctness | 9 | 9 |
| Performance | 58 | 58 |
| Security | 18 | 18 |
| Total | 500 | 500 |
APK file: https://www.kaminsky.me/nc-dev/android-artifacts/10713.apk
To test this change/fix you can simply download above APK file and install and test it in parallel to your existing Nextcloud app.
master-IT test failed: https://www.kaminsky.me/nc-dev/android-integrationTests/7269-IT-master-16-40