@dynamic-labs-sdk/client 1.8.1 → 1.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/android/src/main/java/xyz/dynamic/client/DynamicClientPackage.kt +10 -0
- package/android/src/main/java/xyz/dynamic/client/screenshot/ScreenshotProtectionModule.kt +48 -0
- package/dist/{InvalidParamError-DGBih-LJ.cjs → InvalidParamError-C7LLi2cZ.cjs} +91 -13
- package/dist/InvalidParamError-C7LLi2cZ.cjs.map +1 -0
- package/dist/{InvalidParamError-BKnC9rcJ.esm.js → InvalidParamError-DIPFT3sS.esm.js} +73 -13
- package/dist/InvalidParamError-DIPFT3sS.esm.js.map +1 -0
- package/dist/{InvalidParamError-Btv8VGSa.native.esm.js → InvalidParamError-YG7yXCq5.native.esm.js} +294 -13
- package/dist/InvalidParamError-YG7yXCq5.native.esm.js.map +1 -0
- package/dist/NotWaasWalletAccountError-BWrDQFe8.esm.js +18 -0
- package/dist/NotWaasWalletAccountError-BWrDQFe8.esm.js.map +1 -0
- package/dist/NotWaasWalletAccountError-C8ex1YA_.cjs +23 -0
- package/dist/NotWaasWalletAccountError-C8ex1YA_.cjs.map +1 -0
- package/dist/NotWaasWalletAccountError-Cd2o0wr0.native.esm.js +18 -0
- package/dist/NotWaasWalletAccountError-Cd2o0wr0.native.esm.js.map +1 -0
- package/dist/client/core/createCore/getInitialState.d.ts +1 -1
- package/dist/client/core/createCore/getInitialState.d.ts.map +1 -1
- package/dist/client/createDynamicClient/createDynamicClient.d.ts.map +1 -1
- package/dist/client/types/DynamicClient.d.ts +9 -0
- package/dist/client/types/DynamicClient.d.ts.map +1 -1
- package/dist/core.cjs +24 -5
- package/dist/core.cjs.map +1 -1
- package/dist/core.esm.js +24 -6
- package/dist/core.esm.js.map +1 -1
- package/dist/core.native.esm.js +34 -9
- package/dist/core.native.esm.js.map +1 -1
- package/dist/exports/core.d.ts +4 -0
- package/dist/exports/core.d.ts.map +1 -1
- package/dist/exports/index.d.ts +0 -7
- package/dist/exports/index.d.ts.map +1 -1
- package/dist/exports/waasCore.d.ts +2 -0
- package/dist/exports/waasCore.d.ts.map +1 -1
- package/dist/{getNetworkProviderFromNetworkId-Bm41knUq.native.esm.js → getNetworkProviderFromNetworkId-C46TeXs8.native.esm.js} +17 -12
- package/dist/getNetworkProviderFromNetworkId-C46TeXs8.native.esm.js.map +1 -0
- package/dist/{getNetworkProviderFromNetworkId-BdgI7g5U.cjs → getNetworkProviderFromNetworkId-CBGWQS_K.cjs} +4 -4
- package/dist/{getNetworkProviderFromNetworkId-BdgI7g5U.cjs.map → getNetworkProviderFromNetworkId-CBGWQS_K.cjs.map} +1 -1
- package/dist/{getNetworkProviderFromNetworkId-CRuh5pgc.esm.js → getNetworkProviderFromNetworkId-D-wj5mPl.esm.js} +3 -3
- package/dist/{getNetworkProviderFromNetworkId-CRuh5pgc.esm.js.map → getNetworkProviderFromNetworkId-D-wj5mPl.esm.js.map} +1 -1
- package/dist/{getSignedSessionId-Cwmt4BkY.cjs → getSignedSessionId-CCHKjoeP.cjs} +3 -3
- package/dist/{getSignedSessionId-Cwmt4BkY.cjs.map → getSignedSessionId-CCHKjoeP.cjs.map} +1 -1
- package/dist/{getSignedSessionId-S6CBWkOn.native.esm.js → getSignedSessionId-DdKTM3Rh.native.esm.js} +3 -3
- package/dist/{getSignedSessionId-S6CBWkOn.native.esm.js.map → getSignedSessionId-DdKTM3Rh.native.esm.js.map} +1 -1
- package/dist/{getSignedSessionId-D2w_IRdt.esm.js → getSignedSessionId-Dy04984p.esm.js} +3 -3
- package/dist/{getSignedSessionId-D2w_IRdt.esm.js.map → getSignedSessionId-Dy04984p.esm.js.map} +1 -1
- package/dist/{getVerifiedCredentialForWalletAccount-QwfkKHfr.esm.js → getVerifiedCredentialForWalletAccount-BFCM2wnx.esm.js} +3 -10
- package/dist/getVerifiedCredentialForWalletAccount-BFCM2wnx.esm.js.map +1 -0
- package/dist/{getVerifiedCredentialForWalletAccount-CDuP1kaI.cjs → getVerifiedCredentialForWalletAccount-BtIVDer3.cjs} +4 -17
- package/dist/getVerifiedCredentialForWalletAccount-BtIVDer3.cjs.map +1 -0
- package/dist/{getVerifiedCredentialForWalletAccount-D33r7Drd.native.esm.js → getVerifiedCredentialForWalletAccount-Dsca691m.native.esm.js} +3 -236
- package/dist/getVerifiedCredentialForWalletAccount-Dsca691m.native.esm.js.map +1 -0
- package/dist/getWaasWalletProviderFromWalletAccount-5-EJK6a_.cjs +19 -0
- package/dist/getWaasWalletProviderFromWalletAccount-5-EJK6a_.cjs.map +1 -0
- package/dist/getWaasWalletProviderFromWalletAccount-AhhyxkKQ.esm.js +14 -0
- package/dist/getWaasWalletProviderFromWalletAccount-AhhyxkKQ.esm.js.map +1 -0
- package/dist/getWaasWalletProviderFromWalletAccount-EnCRdI3w.native.esm.js +14 -0
- package/dist/getWaasWalletProviderFromWalletAccount-EnCRdI3w.native.esm.js.map +1 -0
- package/dist/index.cjs +65 -15
- package/dist/index.cjs.map +1 -1
- package/dist/index.esm.js +61 -11
- package/dist/index.esm.js.map +1 -1
- package/dist/index.native.esm.js +64 -14
- package/dist/index.native.esm.js.map +1 -1
- package/dist/{isMfaRequiredForAction-5p3i98-Z.esm.js → isMfaRequiredForAction-BrmFODJQ.esm.js} +2 -2
- package/dist/{isMfaRequiredForAction-5p3i98-Z.esm.js.map → isMfaRequiredForAction-BrmFODJQ.esm.js.map} +1 -1
- package/dist/{isMfaRequiredForAction-cmElIVof.native.esm.js → isMfaRequiredForAction-DAfjBLvz.native.esm.js} +2 -2
- package/dist/{isMfaRequiredForAction-cmElIVof.native.esm.js.map → isMfaRequiredForAction-DAfjBLvz.native.esm.js.map} +1 -1
- package/dist/{isMfaRequiredForAction-z74isCQ7.cjs → isMfaRequiredForAction-aX0vdwv-.cjs} +2 -2
- package/dist/{isMfaRequiredForAction-z74isCQ7.cjs.map → isMfaRequiredForAction-aX0vdwv-.cjs.map} +1 -1
- package/dist/modules/balances/getBalances/getBalances.d.ts +5 -2
- package/dist/modules/balances/getBalances/getBalances.d.ts.map +1 -1
- package/dist/modules/balances/getMultichainBalances/getMultichainBalances.d.ts +6 -3
- package/dist/modules/balances/getMultichainBalances/getMultichainBalances.d.ts.map +1 -1
- package/dist/modules/checkout/checkout.types.d.ts +6 -6
- package/dist/modules/checkout/checkout.types.d.ts.map +1 -1
- package/dist/modules/initializeClient/initializeClient.d.ts.map +1 -1
- package/dist/modules/initializeClient/state.d.ts +9 -0
- package/dist/modules/initializeClient/state.d.ts.map +1 -1
- package/dist/modules/screenshotProtection/setScreenshotProtection/setScreenshotProtection.d.ts +15 -0
- package/dist/modules/screenshotProtection/setScreenshotProtection/setScreenshotProtection.d.ts.map +1 -0
- package/dist/modules/screenshotProtection/setScreenshotProtection/setScreenshotProtection.types.d.ts +14 -0
- package/dist/modules/screenshotProtection/setScreenshotProtection/setScreenshotProtection.types.d.ts.map +1 -0
- package/dist/modules/state/raiseStateEvents/events.d.ts +4 -0
- package/dist/modules/state/raiseStateEvents/events.d.ts.map +1 -1
- package/dist/modules/waas/createWaasClient/createNativeWaasSDKContainer.d.ts +15 -0
- package/dist/modules/waas/createWaasClient/createNativeWaasSDKContainer.d.ts.map +1 -0
- package/dist/modules/waas/createWaasProvider/createWaasProvider.d.ts.map +1 -1
- package/dist/modules/waas/exportWaasPrivateKeyToContainer/exportWaasPrivateKeyToContainer.d.ts +33 -0
- package/dist/modules/waas/exportWaasPrivateKeyToContainer/exportWaasPrivateKeyToContainer.d.ts.map +1 -0
- package/dist/modules/waas/exportWaasPrivateKeyToContainer/index.d.ts +2 -0
- package/dist/modules/waas/exportWaasPrivateKeyToContainer/index.d.ts.map +1 -0
- package/dist/modules/waas/waas.types.d.ts +3 -1
- package/dist/modules/waas/waas.types.d.ts.map +1 -1
- package/dist/modules/wallets/networks/getBalance/getBalance.d.ts +5 -1
- package/dist/modules/wallets/networks/getBalance/getBalance.d.ts.map +1 -1
- package/dist/{NotWaasWalletAccountError-CHr72wTH.esm.js → refreshAuth-B2kFf0pl.native.esm.js} +4 -18
- package/dist/refreshAuth-B2kFf0pl.native.esm.js.map +1 -0
- package/dist/{NotWaasWalletAccountError-CRmyVoB3.native.esm.js → refreshAuth-B8xd2JUm.esm.js} +4 -18
- package/dist/refreshAuth-B8xd2JUm.esm.js.map +1 -0
- package/dist/{NotWaasWalletAccountError-i1FozGep.cjs → refreshAuth-BMtIp1do.cjs} +3 -23
- package/dist/refreshAuth-BMtIp1do.cjs.map +1 -0
- package/dist/services/instrumentation/connectLoggerToInstrumentation/connectLoggerToInstrumentation.d.ts.map +1 -1
- package/dist/services/instrumentation/instrumentFunction/instrumentFunction.d.ts.map +1 -1
- package/dist/services/instrumentation/instrumentation.types.d.ts +6 -0
- package/dist/services/instrumentation/instrumentation.types.d.ts.map +1 -1
- package/dist/tsconfig.lib.tsbuildinfo +1 -1
- package/dist/utils/getNonce/fetchAndStoreNonces/fetchAndStoreNonces.d.ts +4 -0
- package/dist/utils/getNonce/fetchAndStoreNonces/fetchAndStoreNonces.d.ts.map +1 -1
- package/dist/utils/getNonce/state.d.ts +5 -0
- package/dist/utils/getNonce/state.d.ts.map +1 -1
- package/dist/utils/getOperatingSystem/getOperatingSystem.d.ts +13 -0
- package/dist/utils/getOperatingSystem/getOperatingSystem.d.ts.map +1 -0
- package/dist/utils/getOperatingSystem/getOperatingSystem.types.d.ts +8 -0
- package/dist/utils/getOperatingSystem/getOperatingSystem.types.d.ts.map +1 -0
- package/dist/utils/getPlatform/getPlatform.d.ts +11 -0
- package/dist/utils/getPlatform/getPlatform.d.ts.map +1 -0
- package/dist/utils/getPlatform/getPlatform.types.d.ts +8 -0
- package/dist/utils/getPlatform/getPlatform.types.d.ts.map +1 -0
- package/dist/waas.cjs +20 -28
- package/dist/waas.cjs.map +1 -1
- package/dist/waas.esm.js +4 -12
- package/dist/waas.esm.js.map +1 -1
- package/dist/waas.native.esm.js +4 -12
- package/dist/waas.native.esm.js.map +1 -1
- package/dist/waasCore.cjs +39 -4
- package/dist/waasCore.cjs.map +1 -1
- package/dist/waasCore.esm.js +39 -5
- package/dist/waasCore.esm.js.map +1 -1
- package/dist/waasCore.native.esm.js +68 -10
- package/dist/waasCore.native.esm.js.map +1 -1
- package/ios/DynamicClientScreenshotProtection.h +4 -0
- package/ios/DynamicClientScreenshotProtection.mm +137 -0
- package/package.json +14 -7
- package/src/turboModules/NativeScreenshotProtection.native.spec.ts +57 -0
- package/src/turboModules/NativeScreenshotProtection.ts +26 -0
- package/android/gradle/wrapper/gradle-wrapper.jar +0 -0
- package/android/gradle/wrapper/gradle-wrapper.properties +0 -7
- package/android/gradlew +0 -251
- package/android/gradlew.bat +0 -94
- package/android/settings.gradle +0 -30
- package/android/src/test/java/xyz/dynamic/client/keychain/KeyStoreKeyManagerTest.kt +0 -288
- package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewClientTest.kt +0 -196
- package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewHostOpenTest.kt +0 -347
- package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewHostTest.kt +0 -171
- package/android/src/test/java/xyz/dynamic/client/webview/DynamicWebViewModuleTest.kt +0 -191
- package/dist/InvalidParamError-BKnC9rcJ.esm.js.map +0 -1
- package/dist/InvalidParamError-Btv8VGSa.native.esm.js.map +0 -1
- package/dist/InvalidParamError-DGBih-LJ.cjs.map +0 -1
- package/dist/NotWaasWalletAccountError-CHr72wTH.esm.js.map +0 -1
- package/dist/NotWaasWalletAccountError-CRmyVoB3.native.esm.js.map +0 -1
- package/dist/NotWaasWalletAccountError-i1FozGep.cjs.map +0 -1
- package/dist/getNetworkProviderFromNetworkId-Bm41knUq.native.esm.js.map +0 -1
- package/dist/getVerifiedCredentialForWalletAccount-CDuP1kaI.cjs.map +0 -1
- package/dist/getVerifiedCredentialForWalletAccount-D33r7Drd.native.esm.js.map +0 -1
- package/dist/getVerifiedCredentialForWalletAccount-QwfkKHfr.esm.js.map +0 -1
- package/react-native.config.cjs +0 -14
package/android/gradlew
DELETED
|
@@ -1,251 +0,0 @@
|
|
|
1
|
-
#!/bin/sh
|
|
2
|
-
|
|
3
|
-
#
|
|
4
|
-
# Copyright © 2015-2021 the original authors.
|
|
5
|
-
#
|
|
6
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
7
|
-
# you may not use this file except in compliance with the License.
|
|
8
|
-
# You may obtain a copy of the License at
|
|
9
|
-
#
|
|
10
|
-
# https://www.apache.org/licenses/LICENSE-2.0
|
|
11
|
-
#
|
|
12
|
-
# Unless required by applicable law or agreed to in writing, software
|
|
13
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
14
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
15
|
-
# See the License for the specific language governing permissions and
|
|
16
|
-
# limitations under the License.
|
|
17
|
-
#
|
|
18
|
-
# SPDX-License-Identifier: Apache-2.0
|
|
19
|
-
#
|
|
20
|
-
|
|
21
|
-
##############################################################################
|
|
22
|
-
#
|
|
23
|
-
# Gradle start up script for POSIX generated by Gradle.
|
|
24
|
-
#
|
|
25
|
-
# Important for running:
|
|
26
|
-
#
|
|
27
|
-
# (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
|
|
28
|
-
# noncompliant, but you have some other compliant shell such as ksh or
|
|
29
|
-
# bash, then to run this script, type that shell name before the whole
|
|
30
|
-
# command line, like:
|
|
31
|
-
#
|
|
32
|
-
# ksh Gradle
|
|
33
|
-
#
|
|
34
|
-
# Busybox and similar reduced shells will NOT work, because this script
|
|
35
|
-
# requires all of these POSIX shell features:
|
|
36
|
-
# * functions;
|
|
37
|
-
# * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
|
|
38
|
-
# «${var#prefix}», «${var%suffix}», and «$( cmd )»;
|
|
39
|
-
# * compound commands having a testable exit status, especially «case»;
|
|
40
|
-
# * various built-in commands including «command», «set», and «ulimit».
|
|
41
|
-
#
|
|
42
|
-
# Important for patching:
|
|
43
|
-
#
|
|
44
|
-
# (2) This script targets any POSIX shell, so it avoids extensions provided
|
|
45
|
-
# by Bash, Ksh, etc; in particular arrays are avoided.
|
|
46
|
-
#
|
|
47
|
-
# The "traditional" practice of packing multiple parameters into a
|
|
48
|
-
# space-separated string is a well documented source of bugs and security
|
|
49
|
-
# problems, so this is (mostly) avoided, by progressively accumulating
|
|
50
|
-
# options in "$@", and eventually passing that to Java.
|
|
51
|
-
#
|
|
52
|
-
# Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
|
|
53
|
-
# and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
|
|
54
|
-
# see the in-line comments for details.
|
|
55
|
-
#
|
|
56
|
-
# There are tweaks for specific operating systems such as AIX, CygWin,
|
|
57
|
-
# Darwin, MinGW, and NonStop.
|
|
58
|
-
#
|
|
59
|
-
# (3) This script is generated from the Groovy template
|
|
60
|
-
# https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
|
|
61
|
-
# within the Gradle project.
|
|
62
|
-
#
|
|
63
|
-
# You can find Gradle at https://github.com/gradle/gradle/.
|
|
64
|
-
#
|
|
65
|
-
##############################################################################
|
|
66
|
-
|
|
67
|
-
# Attempt to set APP_HOME
|
|
68
|
-
|
|
69
|
-
# Resolve links: $0 may be a link
|
|
70
|
-
app_path=$0
|
|
71
|
-
|
|
72
|
-
# Need this for daisy-chained symlinks.
|
|
73
|
-
while
|
|
74
|
-
APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
|
|
75
|
-
[ -h "$app_path" ]
|
|
76
|
-
do
|
|
77
|
-
ls=$( ls -ld "$app_path" )
|
|
78
|
-
link=${ls#*' -> '}
|
|
79
|
-
case $link in #(
|
|
80
|
-
/*) app_path=$link ;; #(
|
|
81
|
-
*) app_path=$APP_HOME$link ;;
|
|
82
|
-
esac
|
|
83
|
-
done
|
|
84
|
-
|
|
85
|
-
# This is normally unused
|
|
86
|
-
# shellcheck disable=SC2034
|
|
87
|
-
APP_BASE_NAME=${0##*/}
|
|
88
|
-
# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
|
|
89
|
-
APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit
|
|
90
|
-
|
|
91
|
-
# Use the maximum available, or set MAX_FD != -1 to use that value.
|
|
92
|
-
MAX_FD=maximum
|
|
93
|
-
|
|
94
|
-
warn () {
|
|
95
|
-
echo "$*"
|
|
96
|
-
} >&2
|
|
97
|
-
|
|
98
|
-
die () {
|
|
99
|
-
echo
|
|
100
|
-
echo "$*"
|
|
101
|
-
echo
|
|
102
|
-
exit 1
|
|
103
|
-
} >&2
|
|
104
|
-
|
|
105
|
-
# OS specific support (must be 'true' or 'false').
|
|
106
|
-
cygwin=false
|
|
107
|
-
msys=false
|
|
108
|
-
darwin=false
|
|
109
|
-
nonstop=false
|
|
110
|
-
case "$( uname )" in #(
|
|
111
|
-
CYGWIN* ) cygwin=true ;; #(
|
|
112
|
-
Darwin* ) darwin=true ;; #(
|
|
113
|
-
MSYS* | MINGW* ) msys=true ;; #(
|
|
114
|
-
NONSTOP* ) nonstop=true ;;
|
|
115
|
-
esac
|
|
116
|
-
|
|
117
|
-
CLASSPATH="\\\"\\\""
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
# Determine the Java command to use to start the JVM.
|
|
121
|
-
if [ -n "$JAVA_HOME" ] ; then
|
|
122
|
-
if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
|
|
123
|
-
# IBM's JDK on AIX uses strange locations for the executables
|
|
124
|
-
JAVACMD=$JAVA_HOME/jre/sh/java
|
|
125
|
-
else
|
|
126
|
-
JAVACMD=$JAVA_HOME/bin/java
|
|
127
|
-
fi
|
|
128
|
-
if [ ! -x "$JAVACMD" ] ; then
|
|
129
|
-
die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
|
|
130
|
-
|
|
131
|
-
Please set the JAVA_HOME variable in your environment to match the
|
|
132
|
-
location of your Java installation."
|
|
133
|
-
fi
|
|
134
|
-
else
|
|
135
|
-
JAVACMD=java
|
|
136
|
-
if ! command -v java >/dev/null 2>&1
|
|
137
|
-
then
|
|
138
|
-
die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
|
|
139
|
-
|
|
140
|
-
Please set the JAVA_HOME variable in your environment to match the
|
|
141
|
-
location of your Java installation."
|
|
142
|
-
fi
|
|
143
|
-
fi
|
|
144
|
-
|
|
145
|
-
# Increase the maximum file descriptors if we can.
|
|
146
|
-
if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
|
|
147
|
-
case $MAX_FD in #(
|
|
148
|
-
max*)
|
|
149
|
-
# In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
|
|
150
|
-
# shellcheck disable=SC2039,SC3045
|
|
151
|
-
MAX_FD=$( ulimit -H -n ) ||
|
|
152
|
-
warn "Could not query maximum file descriptor limit"
|
|
153
|
-
esac
|
|
154
|
-
case $MAX_FD in #(
|
|
155
|
-
'' | soft) :;; #(
|
|
156
|
-
*)
|
|
157
|
-
# In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
|
|
158
|
-
# shellcheck disable=SC2039,SC3045
|
|
159
|
-
ulimit -n "$MAX_FD" ||
|
|
160
|
-
warn "Could not set maximum file descriptor limit to $MAX_FD"
|
|
161
|
-
esac
|
|
162
|
-
fi
|
|
163
|
-
|
|
164
|
-
# Collect all arguments for the java command, stacking in reverse order:
|
|
165
|
-
# * args from the command line
|
|
166
|
-
# * the main class name
|
|
167
|
-
# * -classpath
|
|
168
|
-
# * -D...appname settings
|
|
169
|
-
# * --module-path (only if needed)
|
|
170
|
-
# * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
|
|
171
|
-
|
|
172
|
-
# For Cygwin or MSYS, switch paths to Windows format before running java
|
|
173
|
-
if "$cygwin" || "$msys" ; then
|
|
174
|
-
APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
|
|
175
|
-
CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
|
|
176
|
-
|
|
177
|
-
JAVACMD=$( cygpath --unix "$JAVACMD" )
|
|
178
|
-
|
|
179
|
-
# Now convert the arguments - kludge to limit ourselves to /bin/sh
|
|
180
|
-
for arg do
|
|
181
|
-
if
|
|
182
|
-
case $arg in #(
|
|
183
|
-
-*) false ;; # don't mess with options #(
|
|
184
|
-
/?*) t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath
|
|
185
|
-
[ -e "$t" ] ;; #(
|
|
186
|
-
*) false ;;
|
|
187
|
-
esac
|
|
188
|
-
then
|
|
189
|
-
arg=$( cygpath --path --ignore --mixed "$arg" )
|
|
190
|
-
fi
|
|
191
|
-
# Roll the args list around exactly as many times as the number of
|
|
192
|
-
# args, so each arg winds up back in the position where it started, but
|
|
193
|
-
# possibly modified.
|
|
194
|
-
#
|
|
195
|
-
# NB: a `for` loop captures its iteration list before it begins, so
|
|
196
|
-
# changing the positional parameters here affects neither the number of
|
|
197
|
-
# iterations, nor the values presented in `arg`.
|
|
198
|
-
shift # remove old arg
|
|
199
|
-
set -- "$@" "$arg" # push replacement arg
|
|
200
|
-
done
|
|
201
|
-
fi
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
|
|
205
|
-
DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
|
|
206
|
-
|
|
207
|
-
# Collect all arguments for the java command:
|
|
208
|
-
# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
|
|
209
|
-
# and any embedded shellness will be escaped.
|
|
210
|
-
# * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
|
|
211
|
-
# treated as '${Hostname}' itself on the command line.
|
|
212
|
-
|
|
213
|
-
set -- \
|
|
214
|
-
"-Dorg.gradle.appname=$APP_BASE_NAME" \
|
|
215
|
-
-classpath "$CLASSPATH" \
|
|
216
|
-
-jar "$APP_HOME/gradle/wrapper/gradle-wrapper.jar" \
|
|
217
|
-
"$@"
|
|
218
|
-
|
|
219
|
-
# Stop when "xargs" is not available.
|
|
220
|
-
if ! command -v xargs >/dev/null 2>&1
|
|
221
|
-
then
|
|
222
|
-
die "xargs is not available"
|
|
223
|
-
fi
|
|
224
|
-
|
|
225
|
-
# Use "xargs" to parse quoted args.
|
|
226
|
-
#
|
|
227
|
-
# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
|
|
228
|
-
#
|
|
229
|
-
# In Bash we could simply go:
|
|
230
|
-
#
|
|
231
|
-
# readarray ARGS < <( xargs -n1 <<<"$var" ) &&
|
|
232
|
-
# set -- "${ARGS[@]}" "$@"
|
|
233
|
-
#
|
|
234
|
-
# but POSIX shell has neither arrays nor command substitution, so instead we
|
|
235
|
-
# post-process each arg (as a line of input to sed) to backslash-escape any
|
|
236
|
-
# character that might be a shell metacharacter, then use eval to reverse
|
|
237
|
-
# that process (while maintaining the separation between arguments), and wrap
|
|
238
|
-
# the whole thing up as a single "set" statement.
|
|
239
|
-
#
|
|
240
|
-
# This will of course break if any of these variables contains a newline or
|
|
241
|
-
# an unmatched quote.
|
|
242
|
-
#
|
|
243
|
-
|
|
244
|
-
eval "set -- $(
|
|
245
|
-
printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
|
|
246
|
-
xargs -n1 |
|
|
247
|
-
sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
|
|
248
|
-
tr '\n' ' '
|
|
249
|
-
)" '"$@"'
|
|
250
|
-
|
|
251
|
-
exec "$JAVACMD" "$@"
|
package/android/gradlew.bat
DELETED
|
@@ -1,94 +0,0 @@
|
|
|
1
|
-
@rem
|
|
2
|
-
@rem Copyright 2015 the original author or authors.
|
|
3
|
-
@rem
|
|
4
|
-
@rem Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
|
-
@rem you may not use this file except in compliance with the License.
|
|
6
|
-
@rem You may obtain a copy of the License at
|
|
7
|
-
@rem
|
|
8
|
-
@rem https://www.apache.org/licenses/LICENSE-2.0
|
|
9
|
-
@rem
|
|
10
|
-
@rem Unless required by applicable law or agreed to in writing, software
|
|
11
|
-
@rem distributed under the License is distributed on an "AS IS" BASIS,
|
|
12
|
-
@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
13
|
-
@rem See the License for the specific language governing permissions and
|
|
14
|
-
@rem limitations under the License.
|
|
15
|
-
@rem
|
|
16
|
-
@rem SPDX-License-Identifier: Apache-2.0
|
|
17
|
-
@rem
|
|
18
|
-
|
|
19
|
-
@if "%DEBUG%"=="" @echo off
|
|
20
|
-
@rem ##########################################################################
|
|
21
|
-
@rem
|
|
22
|
-
@rem Gradle startup script for Windows
|
|
23
|
-
@rem
|
|
24
|
-
@rem ##########################################################################
|
|
25
|
-
|
|
26
|
-
@rem Set local scope for the variables with windows NT shell
|
|
27
|
-
if "%OS%"=="Windows_NT" setlocal
|
|
28
|
-
|
|
29
|
-
set DIRNAME=%~dp0
|
|
30
|
-
if "%DIRNAME%"=="" set DIRNAME=.
|
|
31
|
-
@rem This is normally unused
|
|
32
|
-
set APP_BASE_NAME=%~n0
|
|
33
|
-
set APP_HOME=%DIRNAME%
|
|
34
|
-
|
|
35
|
-
@rem Resolve any "." and ".." in APP_HOME to make it shorter.
|
|
36
|
-
for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
|
|
37
|
-
|
|
38
|
-
@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
|
|
39
|
-
set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
|
|
40
|
-
|
|
41
|
-
@rem Find java.exe
|
|
42
|
-
if defined JAVA_HOME goto findJavaFromJavaHome
|
|
43
|
-
|
|
44
|
-
set JAVA_EXE=java.exe
|
|
45
|
-
%JAVA_EXE% -version >NUL 2>&1
|
|
46
|
-
if %ERRORLEVEL% equ 0 goto execute
|
|
47
|
-
|
|
48
|
-
echo. 1>&2
|
|
49
|
-
echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
|
|
50
|
-
echo. 1>&2
|
|
51
|
-
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
|
|
52
|
-
echo location of your Java installation. 1>&2
|
|
53
|
-
|
|
54
|
-
goto fail
|
|
55
|
-
|
|
56
|
-
:findJavaFromJavaHome
|
|
57
|
-
set JAVA_HOME=%JAVA_HOME:"=%
|
|
58
|
-
set JAVA_EXE=%JAVA_HOME%/bin/java.exe
|
|
59
|
-
|
|
60
|
-
if exist "%JAVA_EXE%" goto execute
|
|
61
|
-
|
|
62
|
-
echo. 1>&2
|
|
63
|
-
echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
|
|
64
|
-
echo. 1>&2
|
|
65
|
-
echo Please set the JAVA_HOME variable in your environment to match the 1>&2
|
|
66
|
-
echo location of your Java installation. 1>&2
|
|
67
|
-
|
|
68
|
-
goto fail
|
|
69
|
-
|
|
70
|
-
:execute
|
|
71
|
-
@rem Setup the command line
|
|
72
|
-
|
|
73
|
-
set CLASSPATH=
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
@rem Execute Gradle
|
|
77
|
-
"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" -jar "%APP_HOME%\gradle\wrapper\gradle-wrapper.jar" %*
|
|
78
|
-
|
|
79
|
-
:end
|
|
80
|
-
@rem End local scope for the variables with windows NT shell
|
|
81
|
-
if %ERRORLEVEL% equ 0 goto mainEnd
|
|
82
|
-
|
|
83
|
-
:fail
|
|
84
|
-
rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
|
|
85
|
-
rem the _cmd.exe /c_ return code!
|
|
86
|
-
set EXIT_CODE=%ERRORLEVEL%
|
|
87
|
-
if %EXIT_CODE% equ 0 set EXIT_CODE=1
|
|
88
|
-
if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
|
|
89
|
-
exit /b %EXIT_CODE%
|
|
90
|
-
|
|
91
|
-
:mainEnd
|
|
92
|
-
if "%OS%"=="Windows_NT" endlocal
|
|
93
|
-
|
|
94
|
-
:omega
|
package/android/settings.gradle
DELETED
|
@@ -1,30 +0,0 @@
|
|
|
1
|
-
// Standalone settings for the test-only Gradle build of this RN library
|
|
2
|
-
// module. Production consumers build it via React Native autolinking inside
|
|
3
|
-
// their app (e.g. apps/expo-demo/android); this file exists solely so the
|
|
4
|
-
// module can be compiled and unit-tested in isolation by `pnpm test:android`.
|
|
5
|
-
//
|
|
6
|
-
// We resolve @react-native/gradle-plugin out of the monorepo node_modules
|
|
7
|
-
// (the same `node --print require.resolve(...)` trick the Expo demo app uses
|
|
8
|
-
// in apps/expo-demo/android/settings.gradle) and includeBuild it as a
|
|
9
|
-
// composite build. A TOP-LEVEL includeBuild (not pluginManagement) is what
|
|
10
|
-
// lets `com.facebook.react:react-native-gradle-plugin` on the buildscript
|
|
11
|
-
// classpath in build.gradle be substituted by the local build, so the
|
|
12
|
-
// `com.facebook.react` plugin — which drives TurboModule codegen — resolves
|
|
13
|
-
// without being published anywhere.
|
|
14
|
-
def reactNativeGradlePlugin = new File(
|
|
15
|
-
providers.exec {
|
|
16
|
-
workingDir(rootDir)
|
|
17
|
-
commandLine("node", "--print", "require.resolve('@react-native/gradle-plugin/package.json', { paths: [require.resolve('react-native/package.json')] })")
|
|
18
|
-
}.standardOutput.asText.get().trim()
|
|
19
|
-
).getParentFile().absolutePath
|
|
20
|
-
|
|
21
|
-
includeBuild(reactNativeGradlePlugin)
|
|
22
|
-
|
|
23
|
-
rootProject.name = 'dynamic-client-android'
|
|
24
|
-
|
|
25
|
-
// Marker read by build.gradle to gate the test-only configuration (codegen
|
|
26
|
-
// repointing, pinned react-android, test deps, JaCoCo). This settings file is
|
|
27
|
-
// only evaluated when the module is built standalone; a consuming app provides
|
|
28
|
-
// its own settings, so the flag stays unset there and the app build is
|
|
29
|
-
// unaffected.
|
|
30
|
-
gradle.ext.dynamicClientStandaloneBuild = true
|
|
@@ -1,288 +0,0 @@
|
|
|
1
|
-
package xyz.dynamic.client.keychain
|
|
2
|
-
|
|
3
|
-
import android.content.Context
|
|
4
|
-
import android.security.keystore.KeyGenParameterSpec
|
|
5
|
-
import android.security.keystore.KeyProperties
|
|
6
|
-
import android.security.keystore.StrongBoxUnavailableException
|
|
7
|
-
import io.mockk.every
|
|
8
|
-
import io.mockk.mockk
|
|
9
|
-
import io.mockk.mockkStatic
|
|
10
|
-
import io.mockk.slot
|
|
11
|
-
import io.mockk.unmockkAll
|
|
12
|
-
import io.mockk.verify
|
|
13
|
-
import java.security.KeyPair
|
|
14
|
-
import java.security.KeyPairGenerator
|
|
15
|
-
import java.security.KeyStore
|
|
16
|
-
import java.security.Signature
|
|
17
|
-
import java.security.spec.ECGenParameterSpec
|
|
18
|
-
import java.util.Base64
|
|
19
|
-
import org.junit.After
|
|
20
|
-
import org.junit.Assert.assertArrayEquals
|
|
21
|
-
import org.junit.Assert.assertEquals
|
|
22
|
-
import org.junit.Assert.assertFalse
|
|
23
|
-
import org.junit.Assert.assertNull
|
|
24
|
-
import org.junit.Assert.assertThrows
|
|
25
|
-
import org.junit.Assert.assertTrue
|
|
26
|
-
import org.junit.Before
|
|
27
|
-
import org.junit.Test
|
|
28
|
-
import org.junit.runner.RunWith
|
|
29
|
-
import org.robolectric.RobolectricTestRunner
|
|
30
|
-
import org.robolectric.annotation.Config
|
|
31
|
-
|
|
32
|
-
// SECURITY CAVEAT (mirrors SecureEnclaveKeyManagerTests.swift): these tests use
|
|
33
|
-
// MockK to stand in for the AndroidKeyStore JCA provider, which is hardware
|
|
34
|
-
// (TEE/StrongBox) and does not exist under Robolectric. They verify that
|
|
35
|
-
// KeyStoreKeyManager calls the right APIs with the right arguments and handles
|
|
36
|
-
// the returned values correctly — they do NOT verify the KeyStore hardware
|
|
37
|
-
// itself. A manual on-device smoke test of generateKeyPair and sign remains
|
|
38
|
-
// required before release. The base64url and SEC1-extraction logic, by
|
|
39
|
-
// contrast, is exercised for real (android.util.Base64 runs under Robolectric).
|
|
40
|
-
@RunWith(RobolectricTestRunner::class)
|
|
41
|
-
@Config(sdk = [35])
|
|
42
|
-
class KeyStoreKeyManagerTest {
|
|
43
|
-
|
|
44
|
-
private val androidKeyStore = "AndroidKeyStore"
|
|
45
|
-
|
|
46
|
-
// A genuine P-256 keypair generated on the JVM, used as the fixture the
|
|
47
|
-
// mocked AndroidKeyStore "returns". Generated BEFORE any mockkStatic call
|
|
48
|
-
// so the real SunEC provider is still in place.
|
|
49
|
-
private lateinit var realKeyPair: KeyPair
|
|
50
|
-
private lateinit var manager: KeyStoreKeyManager
|
|
51
|
-
|
|
52
|
-
@Before
|
|
53
|
-
fun setUp() {
|
|
54
|
-
val kpg = KeyPairGenerator.getInstance("EC")
|
|
55
|
-
kpg.initialize(ECGenParameterSpec("secp256r1"))
|
|
56
|
-
realKeyPair = kpg.generateKeyPair()
|
|
57
|
-
manager = KeyStoreKeyManager()
|
|
58
|
-
}
|
|
59
|
-
|
|
60
|
-
@After
|
|
61
|
-
fun tearDown() {
|
|
62
|
-
unmockkAll()
|
|
63
|
-
}
|
|
64
|
-
|
|
65
|
-
// Independent oracle for the manager's base64url encoding (last 65 bytes of
|
|
66
|
-
// the X.509 SubjectPublicKeyInfo = the uncompressed SEC1 point).
|
|
67
|
-
private fun expectedEncodedPublicKey(): String {
|
|
68
|
-
val x509 = realKeyPair.public.encoded
|
|
69
|
-
val sec1 = x509.copyOfRange(x509.size - 65, x509.size)
|
|
70
|
-
return Base64.getUrlEncoder().withoutPadding().encodeToString(sec1)
|
|
71
|
-
}
|
|
72
|
-
|
|
73
|
-
// region base64url
|
|
74
|
-
|
|
75
|
-
@Test
|
|
76
|
-
fun base64urlDecode_decodesUrlAlphabetWithoutPadding() {
|
|
77
|
-
// "-_-_AA" is base64url for FB FF BF 00 — exercises the - and _
|
|
78
|
-
// substitutions and the stripped padding (same vector as the iOS test).
|
|
79
|
-
val decoded = KeyStoreKeyManager.base64urlDecode("-_-_AA")
|
|
80
|
-
assertArrayEquals(byteArrayOf(0xFB.toByte(), 0xFF.toByte(), 0xBF.toByte(), 0x00), decoded)
|
|
81
|
-
}
|
|
82
|
-
|
|
83
|
-
@Test
|
|
84
|
-
fun base64urlDecode_roundTripsArbitraryBytes() {
|
|
85
|
-
val original = byteArrayOf(0x04, 0xAB.toByte(), 0xCD.toByte(), 0x00, 0x7F)
|
|
86
|
-
val encoded = Base64.getUrlEncoder().withoutPadding().encodeToString(original)
|
|
87
|
-
assertArrayEquals(original, KeyStoreKeyManager.base64urlDecode(encoded))
|
|
88
|
-
}
|
|
89
|
-
|
|
90
|
-
// endregion
|
|
91
|
-
|
|
92
|
-
// region isAvailable
|
|
93
|
-
|
|
94
|
-
@Test
|
|
95
|
-
fun isAvailable_trueWhenKeyStoreLoads() {
|
|
96
|
-
mockkStatic(KeyStore::class)
|
|
97
|
-
every { KeyStore.getInstance(androidKeyStore) } returns mockk(relaxed = true)
|
|
98
|
-
assertTrue(manager.isAvailable(null))
|
|
99
|
-
}
|
|
100
|
-
|
|
101
|
-
@Test
|
|
102
|
-
fun isAvailable_falseWhenKeyStoreThrows() {
|
|
103
|
-
mockkStatic(KeyStore::class)
|
|
104
|
-
every { KeyStore.getInstance(androidKeyStore) } throws RuntimeException("no provider")
|
|
105
|
-
assertFalse(manager.isAvailable(null))
|
|
106
|
-
}
|
|
107
|
-
|
|
108
|
-
@Test
|
|
109
|
-
fun isAvailable_trueWithStrongBoxFeature() {
|
|
110
|
-
mockkStatic(KeyStore::class)
|
|
111
|
-
every { KeyStore.getInstance(androidKeyStore) } returns mockk(relaxed = true)
|
|
112
|
-
val context = mockk<Context>(relaxed = true)
|
|
113
|
-
every { context.packageManager.hasSystemFeature(any()) } returns true
|
|
114
|
-
assertTrue(manager.isAvailable(context))
|
|
115
|
-
}
|
|
116
|
-
|
|
117
|
-
// endregion
|
|
118
|
-
|
|
119
|
-
// region hasKey / deleteKey
|
|
120
|
-
|
|
121
|
-
@Test
|
|
122
|
-
fun hasKey_reflectsContainsAlias() {
|
|
123
|
-
val keyStore = mockk<KeyStore>(relaxed = true)
|
|
124
|
-
mockkStatic(KeyStore::class)
|
|
125
|
-
every { KeyStore.getInstance(androidKeyStore) } returns keyStore
|
|
126
|
-
every { keyStore.containsAlias("present") } returns true
|
|
127
|
-
every { keyStore.containsAlias("absent") } returns false
|
|
128
|
-
|
|
129
|
-
assertTrue(manager.hasKey("present"))
|
|
130
|
-
assertFalse(manager.hasKey("absent"))
|
|
131
|
-
}
|
|
132
|
-
|
|
133
|
-
@Test
|
|
134
|
-
fun deleteKey_deletesEntryForAlias() {
|
|
135
|
-
val keyStore = mockk<KeyStore>(relaxed = true)
|
|
136
|
-
mockkStatic(KeyStore::class)
|
|
137
|
-
every { KeyStore.getInstance(androidKeyStore) } returns keyStore
|
|
138
|
-
|
|
139
|
-
manager.deleteKey("doomed")
|
|
140
|
-
|
|
141
|
-
verify { keyStore.deleteEntry("doomed") }
|
|
142
|
-
}
|
|
143
|
-
|
|
144
|
-
// endregion
|
|
145
|
-
|
|
146
|
-
// region getPublicKey
|
|
147
|
-
|
|
148
|
-
@Test
|
|
149
|
-
fun getPublicKey_nullWhenEntryMissing() {
|
|
150
|
-
val keyStore = mockk<KeyStore>(relaxed = true)
|
|
151
|
-
mockkStatic(KeyStore::class)
|
|
152
|
-
every { KeyStore.getInstance(androidKeyStore) } returns keyStore
|
|
153
|
-
every { keyStore.getEntry("missing", null) } returns null
|
|
154
|
-
|
|
155
|
-
assertNull(manager.getPublicKey("missing"))
|
|
156
|
-
}
|
|
157
|
-
|
|
158
|
-
@Test
|
|
159
|
-
fun getPublicKey_returnsBase64urlSec1PointForPrivateKeyEntry() {
|
|
160
|
-
val keyStore = mockk<KeyStore>(relaxed = true)
|
|
161
|
-
val entry = mockk<KeyStore.PrivateKeyEntry>(relaxed = true)
|
|
162
|
-
every { entry.certificate.publicKey.encoded } returns realKeyPair.public.encoded
|
|
163
|
-
mockkStatic(KeyStore::class)
|
|
164
|
-
every { KeyStore.getInstance(androidKeyStore) } returns keyStore
|
|
165
|
-
every { keyStore.getEntry("tag", null) } returns entry
|
|
166
|
-
|
|
167
|
-
assertEquals(expectedEncodedPublicKey(), manager.getPublicKey("tag"))
|
|
168
|
-
}
|
|
169
|
-
|
|
170
|
-
// endregion
|
|
171
|
-
|
|
172
|
-
// region sign
|
|
173
|
-
|
|
174
|
-
@Test
|
|
175
|
-
fun sign_throwsWhenKeyMissing() {
|
|
176
|
-
val keyStore = mockk<KeyStore>(relaxed = true)
|
|
177
|
-
mockkStatic(KeyStore::class)
|
|
178
|
-
every { KeyStore.getInstance(androidKeyStore) } returns keyStore
|
|
179
|
-
every { keyStore.getEntry("missing", null) } returns null
|
|
180
|
-
|
|
181
|
-
val ex = assertThrows(IllegalArgumentException::class.java) {
|
|
182
|
-
manager.sign("missing", byteArrayOf(1, 2, 3))
|
|
183
|
-
}
|
|
184
|
-
assertEquals("Key not found: missing", ex.message)
|
|
185
|
-
}
|
|
186
|
-
|
|
187
|
-
@Test
|
|
188
|
-
fun sign_usesEcdsaSha256AndReturnsBase64urlSignature() {
|
|
189
|
-
val keyStore = mockk<KeyStore>(relaxed = true)
|
|
190
|
-
val entry = mockk<KeyStore.PrivateKeyEntry>(relaxed = true)
|
|
191
|
-
every { entry.privateKey } returns realKeyPair.private
|
|
192
|
-
mockkStatic(KeyStore::class)
|
|
193
|
-
every { KeyStore.getInstance(androidKeyStore) } returns keyStore
|
|
194
|
-
every { keyStore.getEntry("tag", null) } returns entry
|
|
195
|
-
|
|
196
|
-
val signatureBytes = byteArrayOf(0xDE.toByte(), 0xAD.toByte())
|
|
197
|
-
val signature = mockk<Signature>(relaxed = true)
|
|
198
|
-
every { signature.sign() } returns signatureBytes
|
|
199
|
-
mockkStatic(Signature::class)
|
|
200
|
-
every { Signature.getInstance("SHA256withECDSA") } returns signature
|
|
201
|
-
|
|
202
|
-
val payload = byteArrayOf(0x01, 0x02)
|
|
203
|
-
val result = manager.sign("tag", payload)
|
|
204
|
-
|
|
205
|
-
assertEquals(
|
|
206
|
-
Base64.getUrlEncoder().withoutPadding().encodeToString(signatureBytes),
|
|
207
|
-
result,
|
|
208
|
-
)
|
|
209
|
-
verify { signature.initSign(realKeyPair.private) }
|
|
210
|
-
verify { signature.update(payload) }
|
|
211
|
-
}
|
|
212
|
-
|
|
213
|
-
// endregion
|
|
214
|
-
|
|
215
|
-
// region generateKeyPair
|
|
216
|
-
|
|
217
|
-
private fun stubKeyStoreWithoutAlias(): KeyStore {
|
|
218
|
-
val keyStore = mockk<KeyStore>(relaxed = true)
|
|
219
|
-
mockkStatic(KeyStore::class)
|
|
220
|
-
every { KeyStore.getInstance(androidKeyStore) } returns keyStore
|
|
221
|
-
every { keyStore.containsAlias(any()) } returns false
|
|
222
|
-
return keyStore
|
|
223
|
-
}
|
|
224
|
-
|
|
225
|
-
@Test
|
|
226
|
-
fun generateKeyPair_throwsWhenAliasAlreadyExists() {
|
|
227
|
-
val keyStore = mockk<KeyStore>(relaxed = true)
|
|
228
|
-
mockkStatic(KeyStore::class)
|
|
229
|
-
every { KeyStore.getInstance(androidKeyStore) } returns keyStore
|
|
230
|
-
every { keyStore.containsAlias("dupe") } returns true
|
|
231
|
-
|
|
232
|
-
val ex = assertThrows(IllegalArgumentException::class.java) {
|
|
233
|
-
manager.generateKeyPair("dupe")
|
|
234
|
-
}
|
|
235
|
-
assertEquals("Key already exists for alias: dupe", ex.message)
|
|
236
|
-
}
|
|
237
|
-
|
|
238
|
-
@Test
|
|
239
|
-
fun generateKeyPair_initializesSpecWithExpectedShape() {
|
|
240
|
-
stubKeyStoreWithoutAlias()
|
|
241
|
-
val kpg = mockk<KeyPairGenerator>(relaxed = true)
|
|
242
|
-
every { kpg.generateKeyPair() } returns realKeyPair
|
|
243
|
-
mockkStatic(KeyPairGenerator::class)
|
|
244
|
-
every { KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, androidKeyStore) } returns kpg
|
|
245
|
-
|
|
246
|
-
val specSlot = slot<java.security.spec.AlgorithmParameterSpec>()
|
|
247
|
-
every { kpg.initialize(capture(specSlot)) } returns Unit
|
|
248
|
-
|
|
249
|
-
val encoded = manager.generateKeyPair("mytag")
|
|
250
|
-
|
|
251
|
-
val spec = specSlot.captured as KeyGenParameterSpec
|
|
252
|
-
assertEquals("mytag", spec.keystoreAlias)
|
|
253
|
-
assertEquals(
|
|
254
|
-
KeyProperties.PURPOSE_SIGN or KeyProperties.PURPOSE_VERIFY,
|
|
255
|
-
spec.purposes,
|
|
256
|
-
)
|
|
257
|
-
assertTrue(spec.digests.contains(KeyProperties.DIGEST_SHA256))
|
|
258
|
-
assertEquals(
|
|
259
|
-
"secp256r1",
|
|
260
|
-
(spec.algorithmParameterSpec as ECGenParameterSpec).name,
|
|
261
|
-
)
|
|
262
|
-
// On API >= P the first attempt requests StrongBox backing.
|
|
263
|
-
assertTrue(spec.isStrongBoxBacked)
|
|
264
|
-
assertEquals(expectedEncodedPublicKey(), encoded)
|
|
265
|
-
}
|
|
266
|
-
|
|
267
|
-
@Test
|
|
268
|
-
fun generateKeyPair_fallsBackToSoftwareWhenStrongBoxUnavailable() {
|
|
269
|
-
stubKeyStoreWithoutAlias()
|
|
270
|
-
val kpg = mockk<KeyPairGenerator>(relaxed = true)
|
|
271
|
-
// First (StrongBox) attempt fails; second (software) attempt succeeds.
|
|
272
|
-
every { kpg.generateKeyPair() } throws StrongBoxUnavailableException() andThen realKeyPair
|
|
273
|
-
mockkStatic(KeyPairGenerator::class)
|
|
274
|
-
every { KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, androidKeyStore) } returns kpg
|
|
275
|
-
|
|
276
|
-
val specSlots = mutableListOf<java.security.spec.AlgorithmParameterSpec>()
|
|
277
|
-
every { kpg.initialize(capture(specSlots)) } returns Unit
|
|
278
|
-
|
|
279
|
-
val encoded = manager.generateKeyPair("mytag")
|
|
280
|
-
|
|
281
|
-
assertEquals(2, specSlots.size)
|
|
282
|
-
assertTrue((specSlots[0] as KeyGenParameterSpec).isStrongBoxBacked)
|
|
283
|
-
assertFalse((specSlots[1] as KeyGenParameterSpec).isStrongBoxBacked)
|
|
284
|
-
assertEquals(expectedEncodedPublicKey(), encoded)
|
|
285
|
-
}
|
|
286
|
-
|
|
287
|
-
// endregion
|
|
288
|
-
}
|