Merge branch 'release/1.7.2'

Gemfile.lock

@@ -10,17 +10,17 @@ GEM
     artifactory (3.0.15)
     atomos (0.1.3)
     aws-eventstream (1.2.0)
-    aws-partitions (1.554.0)
-    aws-sdk-core (3.126.1)
+    aws-partitions (1.571.0)
+    aws-sdk-core (3.130.0)
       aws-eventstream (~> 1, >= 1.0.2)
       aws-partitions (~> 1, >= 1.525.0)
       aws-sigv4 (~> 1.1)
       jmespath (~> 1.0)
-    aws-sdk-kms (1.54.0)
-      aws-sdk-core (~> 3, >= 3.126.0)
+    aws-sdk-kms (1.55.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
       aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.112.0)
-      aws-sdk-core (~> 3, >= 3.126.0)
+    aws-sdk-s3 (1.113.0)
+      aws-sdk-core (~> 3, >= 3.127.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.4)
     aws-sigv4 (1.4.0)
@@ -40,8 +40,8 @@ GEM
     dotenv (2.7.6)
     ed25519 (1.3.0)
     emoji_regex (3.2.3)
-    excon (0.91.0)
-    faraday (1.9.3)
+    excon (0.92.1)
+    faraday (1.10.0)
       faraday-em_http (~> 1.0)
       faraday-em_synchrony (~> 1.0)
       faraday-excon (~> 1.1)
@@ -70,7 +70,7 @@ GEM
     faraday_middleware (1.2.0)
       faraday (~> 1.0)
     fastimage (2.2.6)
-    fastlane (2.204.3)
+    fastlane (2.205.1)
       CFPropertyList (>= 2.3, < 4.0.0)
       addressable (>= 2.8, < 3.0.0)
       artifactory (~> 3.0)
@@ -109,13 +109,13 @@ GEM
       xcodeproj (>= 1.13.0, < 2.0.0)
       xcpretty (~> 0.3.0)
       xcpretty-travis-formatter (>= 0.0.3)
-    fastlane-plugin-aws_s3 (2.0.3)
+    fastlane-plugin-aws_s3 (2.1.0)
       apktools (~> 0.7)
       aws-sdk-s3 (~> 1)
       mime-types (~> 3.3)
     fastlane-plugin-get_version_name (0.2.2)
     gh_inspector (1.1.3)
-    google-apis-androidpublisher_v3 (0.16.0)
+    google-apis-androidpublisher_v3 (0.17.0)
       google-apis-core (>= 0.4, < 2.a)
     google-apis-core (0.4.2)
       addressable (~> 2.5, >= 2.5.1)
@@ -135,8 +135,8 @@ GEM
     google-cloud-core (1.6.0)
       google-cloud-env (~> 1.0)
       google-cloud-errors (~> 1.0)
-    google-cloud-env (1.5.0)
-      faraday (>= 0.17.3, < 2.0)
+    google-cloud-env (1.6.0)
+      faraday (>= 0.17.3, < 3.0)
     google-cloud-errors (1.2.0)
     google-cloud-storage (1.36.1)
       addressable (~> 2.8)
@@ -146,8 +146,8 @@ GEM
       google-cloud-core (~> 1.6)
       googleauth (>= 0.16.2, < 2.a)
       mini_mime (~> 1.0)
-    googleauth (1.1.1)
-      faraday (>= 0.17.3, < 2.0)
+    googleauth (1.1.2)
+      faraday (>= 0.17.3, < 3.a)
       jwt (>= 1.4, < 3.0)
       memoist (~> 0.16)
       multi_json (~> 1.11)
@@ -157,7 +157,7 @@ GEM
     http-cookie (1.0.4)
       domain_name (~> 0.5)
     httpclient (2.8.3)
-    jmespath (1.6.0)
+    jmespath (1.6.1)
     json (2.6.1)
     jwt (2.3.0)
     memoist (0.16.2)
@@ -188,9 +188,9 @@ GEM
     ruby2_keywords (0.0.5)
     rubyzip (2.3.2)
     security (0.1.3)
-    signet (0.16.0)
+    signet (0.16.1)
       addressable (~> 2.8)
-      faraday (>= 0.17.3, < 2.0)
+      faraday (>= 0.17.5, < 3.0)
       jwt (>= 1.5, < 3.0)
       multi_json (~> 1.10)
     simctl (1.6.8)
@@ -207,7 +207,7 @@ GEM
     uber (0.1.0)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.8)
+    unf_ext (0.0.8.1)
     unicode-display_width (1.8.0)
     webrick (1.7.0)
     word_wrap (1.0.0)

build.gradle

@@ -8,7 +8,7 @@ buildscript {
 		google()
 	}
 	dependencies {
-		classpath 'com.android.tools.build:gradle:7.1.1'
+		classpath 'com.android.tools.build:gradle:7.1.2'
 		classpath 'org.greenrobot:greendao-gradle-plugin:3.3.0'
 		classpath 'com.vanniktech:gradle-android-junit-jacoco-plugin:0.16.0'
 		classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
@@ -39,7 +39,7 @@ allprojects {
 	ext {
 		androidApplicationId = 'org.cryptomator'
 		androidVersionCode = getVersionCode()
-		androidVersionName = '1.7.1'
+		androidVersionName = '1.7.2'
 	}
 	repositories {
 		mavenCentral()

buildsystem/dependencies.gradle

@@ -42,7 +42,7 @@ ext {
 	rxAndroidVersion = '2.1.1'
 	rxBindingVersion = '2.2.0'
 
-	daggerVersion = '2.40.5'
+	daggerVersion = '2.41'
 
 	gsonVersion = '2.9.0'
 
@@ -69,17 +69,17 @@ ext {
 
 	googleApiServicesVersion = 'v3-rev20220110-1.32.1'
 	googlePlayServicesVersion = '19.2.0'
-	googleClientVersion = '1.33.2' // keep in sync with https://github.com/SailReal/google-http-java-client
+	googleClientVersion = '1.33.4' // keep in sync with https://github.com/SailReal/google-http-java-client
 	/*
 		update using https://github.com/SailReal/google-http-java-client with `mvn clean install`,
 		copying `google-http-client-*.jar` and `google-http-client-android-*.jar` into the lib folder of this project
 	 */
-	trackingFreeGoogleCLientVersion = '1.41.4'
+	trackingFreeGoogleCLientVersion = '1.41.5'
 
-	msgraphVersion = '5.14.0'
-	msgraphAuthVersion = '2.2.3'
+	msgraphVersion = '5.17.0'
+	msgraphAuthVersion = '3.0.2'
 
-	minIoVersion = '8.3.6'
+	minIoVersion = '8.3.7'
 	staxVersion = '1.2.0' // needed for minIO
 
 	commonsCodecVersion = '1.15'
@@ -90,7 +90,7 @@ ext {
 
 	jUnitVersion = '5.8.2'
 	assertJVersion = '1.7.1'
-	mockitoVersion = '4.3.1'
+	mockitoVersion = '4.4.0'
 	mockitoKotlinVersion = '4.0.0'
 	hamcrestVersion = '1.3'
 	dexmakerVersion = '1.0'

data/src/main/java/org/cryptomator/data/cloud/crypto/MasterkeyCryptoCloudProvider.kt

@@ -19,6 +19,7 @@ import org.cryptomator.domain.Vault
 import org.cryptomator.domain.exception.BackendException
 import org.cryptomator.domain.exception.CancellationException
 import org.cryptomator.domain.exception.FatalBackendException
+import org.cryptomator.domain.exception.vaultconfig.MissingVaultConfigFileException
 import org.cryptomator.domain.exception.vaultconfig.UnsupportedMasterkeyLocationException
 import org.cryptomator.domain.repository.CloudContentRepository
 import org.cryptomator.domain.usecases.ProgressAware
@@ -204,10 +205,16 @@ class MasterkeyCryptoCloudProvider(
 	}
 
 	private fun assertLegacyVaultVersionIsSupported(version: Int) {
-		if (version < CryptoConstants.MIN_VAULT_VERSION) {
-			throw UnsupportedVaultFormatException(version, CryptoConstants.MIN_VAULT_VERSION)
-		} else if (version > CryptoConstants.MAX_VAULT_VERSION_WITHOUT_VAULT_CONFIG) {
-			throw UnsupportedVaultFormatException(version, CryptoConstants.MAX_VAULT_VERSION_WITHOUT_VAULT_CONFIG)
+		when {
+			version < CryptoConstants.MIN_VAULT_VERSION -> {
+				throw UnsupportedVaultFormatException(version, CryptoConstants.MIN_VAULT_VERSION)
+			}
+			version == CryptoConstants.DEFAULT_MASTERKEY_FILE_VERSION -> {
+				throw MissingVaultConfigFileException()
+			}
+			version > CryptoConstants.MAX_VAULT_VERSION_WITHOUT_VAULT_CONFIG -> {
+				throw UnsupportedVaultFormatException(version, CryptoConstants.MAX_VAULT_VERSION_WITHOUT_VAULT_CONFIG)
+			}
 		}
 	}
 

data/src/main/java/org/cryptomator/data/cloud/local/LocalStorageAccessFrameworkNodeFactory.kt

@@ -63,7 +63,7 @@ internal object LocalStorageAccessFrameworkNodeFactory {
 			getNodePath(parent, documentFile.name),  //
 			documentFile.length(),  //
 			Date(documentFile.lastModified()),  //
-			DocumentsContract.getTreeDocumentId(documentFile.uri),  //
+			DocumentsContract.getDocumentId(documentFile.uri),  //
 			documentFile.uri.toString()
 		)
 	}

data/src/main/java/org/cryptomator/data/cloud/onedrive/OnedriveClientFactory.kt

@@ -6,7 +6,6 @@ import com.microsoft.graph.httpcore.HttpClients
 import com.microsoft.graph.requests.GraphServiceClient
 import org.cryptomator.data.cloud.okhttplogging.HttpLoggingInterceptor
 import org.cryptomator.data.util.NetworkTimeout
-import org.cryptomator.util.SharedPreferencesHandler
 import org.cryptomator.util.crypto.CredentialCryptor
 import java.net.URL
 import java.util.concurrent.CompletableFuture
@@ -19,7 +18,7 @@ class OnedriveClientFactory private constructor() {
 
 	companion object {
 
-		fun createInstance(context: Context, encryptedToken: String, sharedPreferencesHandler: SharedPreferencesHandler): GraphServiceClient<Request> {
+		fun createInstance(context: Context, encryptedToken: String): GraphServiceClient<Request> {
 			val tokenAuthenticationProvider = object : BaseAuthenticationProvider() {
 				val token = CompletableFuture.completedFuture(CredentialCryptor.getInstance(context).decrypt(encryptedToken))
 				override fun getAuthorizationTokenAsync(requestUrl: URL): CompletableFuture<String> {

data/src/main/java/org/cryptomator/data/cloud/onedrive/OnedriveCloudContentRepository.kt

@@ -4,7 +4,7 @@ import android.content.Context
 import com.microsoft.graph.core.GraphErrorCodes
 import com.microsoft.graph.http.GraphServiceException
 import com.microsoft.graph.requests.GraphServiceClient
-import com.microsoft.identity.common.exception.ClientException
+import com.microsoft.identity.common.java.exception.ClientException
 import org.cryptomator.data.cloud.InterceptingCloudContentRepository
 import org.cryptomator.domain.OnedriveCloud
 import org.cryptomator.domain.exception.BackendException

data/src/main/java/org/cryptomator/data/cloud/onedrive/OnedriveCloudContentRepositoryFactory.java

@@ -33,6 +33,6 @@ public boolean supports(Cloud cloud) {
 	@Override
 	public CloudContentRepository<OnedriveCloud, OnedriveNode, OnedriveFolder, OnedriveFile> cloudContentRepositoryFor(Cloud cloud) {
 		OnedriveCloud onedriveCloud = (OnedriveCloud) cloud;
-		return new OnedriveCloudContentRepository(onedriveCloud, context, OnedriveClientFactory.Companion.createInstance(context, onedriveCloud.accessToken(), sharedPreferencesHandler));
+		return new OnedriveCloudContentRepository(onedriveCloud, context, OnedriveClientFactory.Companion.createInstance(context, onedriveCloud.accessToken()));
 	}
 }

data/src/test/java/org/cryptomator/data/cloud/crypto/MasterkeyCryptoCloudProviderTest.kt

@@ -6,7 +6,6 @@ import org.cryptomator.cryptolib.api.Cryptor
 import org.cryptomator.cryptolib.api.CryptorProvider
 import org.cryptomator.cryptolib.api.FileNameCryptor
 import org.cryptomator.cryptolib.api.Masterkey
-import org.cryptomator.cryptolib.api.UnsupportedVaultFormatException
 import org.cryptomator.data.cloud.crypto.BackupFileIdSuffixGenerator.generate
 import org.cryptomator.data.cloud.crypto.MasterkeyCryptoCloudProvider.UnlockTokenImpl
 import org.cryptomator.data.cloud.crypto.VaultConfig.VaultConfigBuilder
@@ -19,6 +18,7 @@ import org.cryptomator.domain.CloudType
 import org.cryptomator.domain.UnverifiedVaultConfig
 import org.cryptomator.domain.Vault
 import org.cryptomator.domain.exception.BackendException
+import org.cryptomator.domain.exception.vaultconfig.MissingVaultConfigFileException
 import org.cryptomator.domain.repository.CloudContentRepository
 import org.cryptomator.domain.usecases.ProgressAware
 import org.cryptomator.domain.usecases.cloud.DataSource
@@ -207,7 +207,7 @@ internal class MasterkeyCryptoCloudProviderTest {
 	@DisplayName("unlockLegacyUsingNewVault(\"foo\")")
 	fun testUnlockLegacyVaultUsingVaultFormat8() {
 		val unlockToken: UnlockToken = UnlockTokenImpl(vault, masterkeyV8.toByteArray(StandardCharsets.UTF_8))
-		Assertions.assertThrows(UnsupportedVaultFormatException::class.java) { inTest.unlock(unlockToken, Optional.absent(), "foo", { false }) }
+		Assertions.assertThrows(MissingVaultConfigFileException::class.java) { inTest.unlock(unlockToken, Optional.absent(), "foo", { false }) }
 	}
 
 	@DisplayName("changePassword(\"foo\")")

domain/src/main/java/org/cryptomator/domain/exception/license/DesktopSupporterCertificateException.java

@@ -0,0 +1,9 @@
+package org.cryptomator.domain.exception.license;
+
+public class DesktopSupporterCertificateException extends LicenseNotValidException {
+
+	public DesktopSupporterCertificateException(final String license) {
+		super(license);
+	}
+
+}

domain/src/main/java/org/cryptomator/domain/exception/vaultconfig/MissingVaultConfigFileException.java

@@ -0,0 +1,6 @@
+package org.cryptomator.domain.exception.vaultconfig;
+
+import org.cryptomator.domain.exception.BackendException;
+
+public class MissingVaultConfigFileException extends BackendException {
+}

domain/src/main/java/org/cryptomator/domain/usecases/DoLicenseCheck.java

@@ -4,6 +4,7 @@
 
 import org.cryptomator.domain.exception.BackendException;
 import org.cryptomator.domain.exception.FatalBackendException;
+import org.cryptomator.domain.exception.license.DesktopSupporterCertificateException;
 import org.cryptomator.domain.exception.license.LicenseNotValidException;
 import org.cryptomator.domain.exception.license.NoLicenseAvailableException;
 import org.cryptomator.domain.repository.UpdateCheckRepository;
@@ -20,10 +21,19 @@
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.JwtException;
 import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.SignatureException;
 
 @UseCase
 public class DoLicenseCheck {
 
+	private static final String ANDROID_PUB_KEY = "MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBcnb81CfNeL3qBVFMx/yRfm1Y1yib" + //
+			"ajIJkV1s82AQt+mOl4+Kub64wq1OCgBVwWUlKwqgnyF39nmkoXEjakRPFngBzg2J" + //
+			"zo4UR0B7OYmn0uGf3K+zQfxKnNMxGVPtlzE8j9Nqz/dm2YvYLLVwvTSDQX/GaxoP" + //
+			"/EH84Hupw2wuU7qAaFU=";
+	private static final String DESKTOP_SUPPORTER_CERTIFICATE_PUB_KEY = "MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB7NfnqiZbg2KTmoflmZ71PbXru7oW" + //
+			"fmnV2yv3eDjlDfGruBrqz9TtXBZV/eYWt31xu1osIqaT12lKBvZ511aaAkIBeOEV" + //
+			"gwcBIlJr6kUw7NKzeJt7r2rrsOyQoOG2nWc/Of/NBqA3mIZRHk5Aq1YupFdD26QE" + //
+			"r0DzRyj4ixPIt38CQB8=";
 	private final UpdateCheckRepository updateCheckRepository;
 	private String license;
 
@@ -34,17 +44,13 @@ public class DoLicenseCheck {
 
 	public LicenseCheck execute() throws BackendException {
 		license = useLicenseOrRetrieveFromDb(license);
-
 		try {
-			final Claims claims = Jwts //
-					.parserBuilder() //
-					.setSigningKey(getPublicKey()) //
-					.build() //
-					.parseClaimsJws(license) //
-					.getBody();
-
+			final Claims claims = Jwts.parserBuilder().setSigningKey(getPublicKey(ANDROID_PUB_KEY)).build().parseClaimsJws(license).getBody();
 			return claims::getSubject;
 		} catch (JwtException | FatalBackendException e) {
+			if (e instanceof SignatureException && isDesktopSupporterCertificate(license)) {
+				throw new DesktopSupporterCertificateException(license);
+			}
 			throw new LicenseNotValidException(license);
 		} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
 			throw new FatalBackendException(e);
@@ -56,28 +62,29 @@ private String useLicenseOrRetrieveFromDb(String license) throws NoLicenseAvaila
 			updateCheckRepository.setLicense(license);
 		} else {
 			license = updateCheckRepository.getLicense();
-
 			if (license == null) {
 				throw new NoLicenseAvailableException();
 			}
 		}
-
 		return license;
 	}
 
-	private ECPublicKey getPublicKey() throws NoSuchAlgorithmException, InvalidKeySpecException {
-		final byte[] publicKey = BaseEncoding //
-				.base64() //
-				.decode("MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBcnb81CfNeL3qBVFMx/yRfm1Y1yib" + //
-						"ajIJkV1s82AQt+mOl4+Kub64wq1OCgBVwWUlKwqgnyF39nmkoXEjakRPFngBzg2J" + //
-						"zo4UR0B7OYmn0uGf3K+zQfxKnNMxGVPtlzE8j9Nqz/dm2YvYLLVwvTSDQX/GaxoP" + //
-						"/EH84Hupw2wuU7qAaFU=");
-
-		Key key = KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(publicKey));
+	private ECPublicKey getPublicKey(String publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
+		final X509EncodedKeySpec keySpec = new X509EncodedKeySpec(BaseEncoding.base64().decode(publicKey));
+		Key key = KeyFactory.getInstance("EC").generatePublic(keySpec);
 		if (key instanceof ECPublicKey) {
 			return (ECPublicKey) key;
 		} else {
 			throw new FatalBackendException("Key not an EC public key.");
 		}
 	}
+
+	private boolean isDesktopSupporterCertificate(String license) {
+		try {
+			Jwts.parserBuilder().setSigningKey(getPublicKey(DESKTOP_SUPPORTER_CERTIFICATE_PUB_KEY)).build().parseClaimsJws(license);
+			return true;
+		} catch (JwtException | NoSuchAlgorithmException | InvalidKeySpecException e) {
+			return false;
+		}
+	}
 }