1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/mobile/android/base/db/PasswordsProvider.java Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,303 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this file,
1.6 + * You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +package org.mozilla.gecko.db;
1.9 +
1.10 +import java.util.HashMap;
1.11 +
1.12 +import org.mozilla.gecko.GeckoApp;
1.13 +import org.mozilla.gecko.GeckoAppShell;
1.14 +import org.mozilla.gecko.GeckoEvent;
1.15 +import org.mozilla.gecko.NSSBridge;
1.16 +import org.mozilla.gecko.db.BrowserContract.DeletedPasswords;
1.17 +import org.mozilla.gecko.db.BrowserContract.Passwords;
1.18 +import org.mozilla.gecko.mozglue.GeckoLoader;
1.19 +import org.mozilla.gecko.sqlite.MatrixBlobCursor;
1.20 +import org.mozilla.gecko.sqlite.SQLiteBridge;
1.21 +import org.mozilla.gecko.sync.Utils;
1.22 +
1.23 +import android.content.ContentValues;
1.24 +import android.content.Intent;
1.25 +import android.content.UriMatcher;
1.26 +import android.database.Cursor;
1.27 +import android.net.Uri;
1.28 +import android.text.TextUtils;
1.29 +import android.util.Log;
1.30 +
1.31 +public class PasswordsProvider extends SQLiteBridgeContentProvider {
1.32 + static final String TABLE_PASSWORDS = "moz_logins";
1.33 + static final String TABLE_DELETED_PASSWORDS = "moz_deleted_logins";
1.34 +
1.35 + private static final String TELEMETRY_TAG = "SQLITEBRIDGE_PROVIDER_PASSWORDS";
1.36 +
1.37 + private static final int PASSWORDS = 100;
1.38 + private static final int DELETED_PASSWORDS = 101;
1.39 +
1.40 + static final String DEFAULT_PASSWORDS_SORT_ORDER = Passwords.HOSTNAME + " ASC";
1.41 + static final String DEFAULT_DELETED_PASSWORDS_SORT_ORDER = DeletedPasswords.TIME_DELETED + " ASC";
1.42 +
1.43 + private static final UriMatcher URI_MATCHER;
1.44 +
1.45 + private static HashMap<String, String> PASSWORDS_PROJECTION_MAP;
1.46 + private static HashMap<String, String> DELETED_PASSWORDS_PROJECTION_MAP;
1.47 +
1.48 + // this should be kept in sync with the version in toolkit/components/passwordmgr/storage-mozStorage.js
1.49 + private static final int DB_VERSION = 5;
1.50 + private static final String DB_FILENAME = "signons.sqlite";
1.51 + private static final String WHERE_GUID_IS_NULL = BrowserContract.DeletedPasswords.GUID + " IS NULL";
1.52 + private static final String WHERE_GUID_IS_VALUE = BrowserContract.DeletedPasswords.GUID + " = ?";
1.53 +
1.54 + private static final String LOG_TAG = "GeckPasswordsProvider";
1.55 +
1.56 + static {
1.57 + URI_MATCHER = new UriMatcher(UriMatcher.NO_MATCH);
1.58 +
1.59 + // content://org.mozilla.gecko.providers.browser/passwords/#
1.60 + URI_MATCHER.addURI(BrowserContract.PASSWORDS_AUTHORITY, "passwords", PASSWORDS);
1.61 +
1.62 + PASSWORDS_PROJECTION_MAP = new HashMap<String, String>();
1.63 + PASSWORDS_PROJECTION_MAP.put(Passwords.ID, Passwords.ID);
1.64 + PASSWORDS_PROJECTION_MAP.put(Passwords.HOSTNAME, Passwords.HOSTNAME);
1.65 + PASSWORDS_PROJECTION_MAP.put(Passwords.HTTP_REALM, Passwords.HTTP_REALM);
1.66 + PASSWORDS_PROJECTION_MAP.put(Passwords.FORM_SUBMIT_URL, Passwords.FORM_SUBMIT_URL);
1.67 + PASSWORDS_PROJECTION_MAP.put(Passwords.USERNAME_FIELD, Passwords.USERNAME_FIELD);
1.68 + PASSWORDS_PROJECTION_MAP.put(Passwords.PASSWORD_FIELD, Passwords.PASSWORD_FIELD);
1.69 + PASSWORDS_PROJECTION_MAP.put(Passwords.ENCRYPTED_USERNAME, Passwords.ENCRYPTED_USERNAME);
1.70 + PASSWORDS_PROJECTION_MAP.put(Passwords.ENCRYPTED_PASSWORD, Passwords.ENCRYPTED_PASSWORD);
1.71 + PASSWORDS_PROJECTION_MAP.put(Passwords.GUID, Passwords.GUID);
1.72 + PASSWORDS_PROJECTION_MAP.put(Passwords.ENC_TYPE, Passwords.ENC_TYPE);
1.73 + PASSWORDS_PROJECTION_MAP.put(Passwords.TIME_CREATED, Passwords.TIME_CREATED);
1.74 + PASSWORDS_PROJECTION_MAP.put(Passwords.TIME_LAST_USED, Passwords.TIME_LAST_USED);
1.75 + PASSWORDS_PROJECTION_MAP.put(Passwords.TIME_PASSWORD_CHANGED, Passwords.TIME_PASSWORD_CHANGED);
1.76 + PASSWORDS_PROJECTION_MAP.put(Passwords.TIMES_USED, Passwords.TIMES_USED);
1.77 +
1.78 + URI_MATCHER.addURI(BrowserContract.PASSWORDS_AUTHORITY, "deleted-passwords", DELETED_PASSWORDS);
1.79 +
1.80 + DELETED_PASSWORDS_PROJECTION_MAP = new HashMap<String, String>();
1.81 + DELETED_PASSWORDS_PROJECTION_MAP.put(DeletedPasswords.ID, DeletedPasswords.ID);
1.82 + DELETED_PASSWORDS_PROJECTION_MAP.put(DeletedPasswords.GUID, DeletedPasswords.GUID);
1.83 + DELETED_PASSWORDS_PROJECTION_MAP.put(DeletedPasswords.TIME_DELETED, DeletedPasswords.TIME_DELETED);
1.84 +
1.85 + // We don't use .loadMozGlue because we're in a different process,
1.86 + // and we just want to reuse code rather than use the loader lock etc.
1.87 + GeckoLoader.doLoadLibrary("mozglue");
1.88 + }
1.89 +
1.90 + public PasswordsProvider() {
1.91 + super(LOG_TAG);
1.92 + }
1.93 +
1.94 + @Override
1.95 + protected String getDBName(){
1.96 + return DB_FILENAME;
1.97 + }
1.98 +
1.99 + @Override
1.100 + protected String getTelemetryPrefix() {
1.101 + return TELEMETRY_TAG;
1.102 + }
1.103 +
1.104 + @Override
1.105 + protected int getDBVersion(){
1.106 + return DB_VERSION;
1.107 + }
1.108 +
1.109 + @Override
1.110 + public String getType(Uri uri) {
1.111 + final int match = URI_MATCHER.match(uri);
1.112 +
1.113 + switch (match) {
1.114 + case PASSWORDS:
1.115 + return Passwords.CONTENT_TYPE;
1.116 +
1.117 + case DELETED_PASSWORDS:
1.118 + return DeletedPasswords.CONTENT_TYPE;
1.119 +
1.120 + default:
1.121 + throw new UnsupportedOperationException("Unknown type " + uri);
1.122 + }
1.123 + }
1.124 +
1.125 + @Override
1.126 + public String getTable(Uri uri) {
1.127 + final int match = URI_MATCHER.match(uri);
1.128 + switch (match) {
1.129 + case DELETED_PASSWORDS:
1.130 + return TABLE_DELETED_PASSWORDS;
1.131 +
1.132 + case PASSWORDS:
1.133 + return TABLE_PASSWORDS;
1.134 +
1.135 + default:
1.136 + throw new UnsupportedOperationException("Unknown table " + uri);
1.137 + }
1.138 + }
1.139 +
1.140 + @Override
1.141 + public String getSortOrder(Uri uri, String aRequested) {
1.142 + if (!TextUtils.isEmpty(aRequested)) {
1.143 + return aRequested;
1.144 + }
1.145 +
1.146 + final int match = URI_MATCHER.match(uri);
1.147 + switch (match) {
1.148 + case DELETED_PASSWORDS:
1.149 + return DEFAULT_DELETED_PASSWORDS_SORT_ORDER;
1.150 +
1.151 + case PASSWORDS:
1.152 + return DEFAULT_PASSWORDS_SORT_ORDER;
1.153 +
1.154 + default:
1.155 + throw new UnsupportedOperationException("Unknown URI " + uri);
1.156 + }
1.157 + }
1.158 +
1.159 + @Override
1.160 + public void setupDefaults(Uri uri, ContentValues values)
1.161 + throws IllegalArgumentException {
1.162 + int match = URI_MATCHER.match(uri);
1.163 + long now = System.currentTimeMillis();
1.164 + switch (match) {
1.165 + case DELETED_PASSWORDS:
1.166 + values.put(DeletedPasswords.TIME_DELETED, now);
1.167 +
1.168 + // Deleted passwords must contain a guid
1.169 + if (!values.containsKey(Passwords.GUID)) {
1.170 + throw new IllegalArgumentException("Must provide a GUID for a deleted password");
1.171 + }
1.172 + break;
1.173 +
1.174 + case PASSWORDS:
1.175 + values.put(Passwords.TIME_CREATED, now);
1.176 +
1.177 + // Generate GUID for new password. Don't override specified GUIDs.
1.178 + if (!values.containsKey(Passwords.GUID)) {
1.179 + String guid = Utils.generateGuid();
1.180 + values.put(Passwords.GUID, guid);
1.181 + }
1.182 + String nowString = new Long(now).toString();
1.183 + DBUtils.replaceKey(values, null, Passwords.HOSTNAME, "");
1.184 + DBUtils.replaceKey(values, null, Passwords.HTTP_REALM, "");
1.185 + DBUtils.replaceKey(values, null, Passwords.FORM_SUBMIT_URL, "");
1.186 + DBUtils.replaceKey(values, null, Passwords.USERNAME_FIELD, "");
1.187 + DBUtils.replaceKey(values, null, Passwords.PASSWORD_FIELD, "");
1.188 + DBUtils.replaceKey(values, null, Passwords.ENCRYPTED_USERNAME, "");
1.189 + DBUtils.replaceKey(values, null, Passwords.ENCRYPTED_PASSWORD, "");
1.190 + DBUtils.replaceKey(values, null, Passwords.ENC_TYPE, "0");
1.191 + DBUtils.replaceKey(values, null, Passwords.TIME_LAST_USED, nowString);
1.192 + DBUtils.replaceKey(values, null, Passwords.TIME_PASSWORD_CHANGED, nowString);
1.193 + DBUtils.replaceKey(values, null, Passwords.TIMES_USED, "0");
1.194 + break;
1.195 +
1.196 + default:
1.197 + throw new UnsupportedOperationException("Unknown URI " + uri);
1.198 + }
1.199 + }
1.200 +
1.201 + @Override
1.202 + public void initGecko() {
1.203 + GeckoAppShell.sendEventToGecko(GeckoEvent.createBroadcastEvent("Passwords:Init", null));
1.204 + Intent initIntent = new Intent(GeckoApp.ACTION_INIT_PW);
1.205 + mContext.sendBroadcast(initIntent);
1.206 + }
1.207 +
1.208 + private String doCrypto(String initialValue, Uri uri, Boolean encrypt) {
1.209 + String profilePath = null;
1.210 + if (uri != null) {
1.211 + profilePath = uri.getQueryParameter(BrowserContract.PARAM_PROFILE_PATH);
1.212 + }
1.213 +
1.214 + String result = "";
1.215 + try {
1.216 + if (encrypt) {
1.217 + if (profilePath != null) {
1.218 + result = NSSBridge.encrypt(mContext, profilePath, initialValue);
1.219 + } else {
1.220 + result = NSSBridge.encrypt(mContext, initialValue);
1.221 + }
1.222 + } else {
1.223 + if (profilePath != null) {
1.224 + result = NSSBridge.decrypt(mContext, profilePath, initialValue);
1.225 + } else {
1.226 + result = NSSBridge.decrypt(mContext, initialValue);
1.227 + }
1.228 + }
1.229 + } catch (Exception ex) {
1.230 + Log.e(LOG_TAG, "Error in NSSBridge");
1.231 + throw new RuntimeException(ex);
1.232 + }
1.233 + return result;
1.234 + }
1.235 +
1.236 + @Override
1.237 + public void onPreInsert(ContentValues values, Uri uri, SQLiteBridge db) {
1.238 + if (values.containsKey(Passwords.GUID)) {
1.239 + String guid = values.getAsString(Passwords.GUID);
1.240 + if (guid == null) {
1.241 + db.delete(TABLE_DELETED_PASSWORDS, WHERE_GUID_IS_NULL, null);
1.242 + return;
1.243 + }
1.244 + String[] args = new String[] { guid };
1.245 + db.delete(TABLE_DELETED_PASSWORDS, WHERE_GUID_IS_VALUE, args);
1.246 + }
1.247 +
1.248 + if (values.containsKey(Passwords.ENCRYPTED_PASSWORD)) {
1.249 + String res = doCrypto(values.getAsString(Passwords.ENCRYPTED_PASSWORD), uri, true);
1.250 + values.put(Passwords.ENCRYPTED_PASSWORD, res);
1.251 + values.put(Passwords.ENC_TYPE, Passwords.ENCTYPE_SDR);
1.252 + }
1.253 +
1.254 + if (values.containsKey(Passwords.ENCRYPTED_USERNAME)) {
1.255 + String res = doCrypto(values.getAsString(Passwords.ENCRYPTED_USERNAME), uri, true);
1.256 + values.put(Passwords.ENCRYPTED_USERNAME, res);
1.257 + values.put(Passwords.ENC_TYPE, Passwords.ENCTYPE_SDR);
1.258 + }
1.259 + }
1.260 +
1.261 + @Override
1.262 + public void onPreUpdate(ContentValues values, Uri uri, SQLiteBridge db) {
1.263 + if (values.containsKey(Passwords.ENCRYPTED_PASSWORD)) {
1.264 + String res = doCrypto(values.getAsString(Passwords.ENCRYPTED_PASSWORD), uri, true);
1.265 + values.put(Passwords.ENCRYPTED_PASSWORD, res);
1.266 + values.put(Passwords.ENC_TYPE, Passwords.ENCTYPE_SDR);
1.267 + }
1.268 +
1.269 + if (values.containsKey(Passwords.ENCRYPTED_USERNAME)) {
1.270 + String res = doCrypto(values.getAsString(Passwords.ENCRYPTED_USERNAME), uri, true);
1.271 + values.put(Passwords.ENCRYPTED_USERNAME, res);
1.272 + values.put(Passwords.ENC_TYPE, Passwords.ENCTYPE_SDR);
1.273 + }
1.274 + }
1.275 +
1.276 + @Override
1.277 + public void onPostQuery(Cursor cursor, Uri uri, SQLiteBridge db) {
1.278 + int passwordIndex = -1;
1.279 + int usernameIndex = -1;
1.280 + String profilePath = null;
1.281 +
1.282 + try {
1.283 + passwordIndex = cursor.getColumnIndexOrThrow(Passwords.ENCRYPTED_PASSWORD);
1.284 + } catch(Exception ex) { }
1.285 + try {
1.286 + usernameIndex = cursor.getColumnIndexOrThrow(Passwords.ENCRYPTED_USERNAME);
1.287 + } catch(Exception ex) { }
1.288 +
1.289 + if (passwordIndex > -1 || usernameIndex > -1) {
1.290 + MatrixBlobCursor m = (MatrixBlobCursor)cursor;
1.291 + if (cursor.moveToFirst()) {
1.292 + do {
1.293 + if (passwordIndex > -1) {
1.294 + String decrypted = doCrypto(cursor.getString(passwordIndex), uri, false);;
1.295 + m.set(passwordIndex, decrypted);
1.296 + }
1.297 +
1.298 + if (usernameIndex > -1) {
1.299 + String decrypted = doCrypto(cursor.getString(usernameIndex), uri, false);
1.300 + m.set(usernameIndex, decrypted);
1.301 + }
1.302 + } while(cursor.moveToNext());
1.303 + }
1.304 + }
1.305 + }
1.306 +}
