2020-07-27 20:43:58 +00:00
|
|
|
import 'dart:convert';
|
|
|
|
|
|
|
|
|
|
import 'package:barcode_scan/barcode_scan.dart';
|
|
|
|
|
import 'package:flutter/cupertino.dart';
|
|
|
|
|
import 'package:flutter/material.dart';
|
|
|
|
|
import 'package:flutter/services.dart';
|
|
|
|
|
import 'package:flutter/widgets.dart';
|
2021-05-03 20:16:00 +00:00
|
|
|
import 'package:flutter_platform_widgets/flutter_platform_widgets.dart';
|
|
|
|
|
import 'package:mobile_nebula/components/SimplePage.dart';
|
2020-08-31 23:32:40 +00:00
|
|
|
import 'package:mobile_nebula/components/SpecialSelectableText.dart';
|
2020-07-27 20:43:58 +00:00
|
|
|
import 'package:mobile_nebula/components/config/ConfigButtonItem.dart';
|
|
|
|
|
import 'package:mobile_nebula/components/config/ConfigItem.dart';
|
|
|
|
|
import 'package:mobile_nebula/components/config/ConfigSection.dart';
|
|
|
|
|
import 'package:mobile_nebula/components/config/ConfigTextItem.dart';
|
|
|
|
|
import 'package:mobile_nebula/models/Certificate.dart';
|
2020-08-18 00:12:28 +00:00
|
|
|
import 'package:mobile_nebula/services/share.dart';
|
2020-07-27 20:43:58 +00:00
|
|
|
import 'package:mobile_nebula/services/utils.dart';
|
|
|
|
|
|
2021-05-03 20:16:00 +00:00
|
|
|
import 'CertificateDetailsScreen.dart';
|
|
|
|
|
|
2020-07-27 20:43:58 +00:00
|
|
|
class CertificateResult {
|
2021-05-03 20:16:00 +00:00
|
|
|
CertificateInfo certInfo;
|
2020-07-27 20:43:58 +00:00
|
|
|
String key;
|
|
|
|
|
|
2021-05-03 20:16:00 +00:00
|
|
|
CertificateResult({this.certInfo, this.key});
|
2020-07-27 20:43:58 +00:00
|
|
|
}
|
|
|
|
|
|
2021-05-03 20:16:00 +00:00
|
|
|
class AddCertificateScreen extends StatefulWidget {
|
|
|
|
|
const AddCertificateScreen({Key key, this.onSave, this.onReplace}) : super(key: key);
|
2020-07-27 20:43:58 +00:00
|
|
|
|
2021-05-03 20:16:00 +00:00
|
|
|
// onSave will pop a new CertificateDetailsScreen
|
2020-07-27 20:43:58 +00:00
|
|
|
final ValueChanged<CertificateResult> onSave;
|
2021-05-03 20:16:00 +00:00
|
|
|
// onReplace will return the CertificateResult, assuming the previous screen is a CertificateDetailsScreen
|
|
|
|
|
final ValueChanged<CertificateResult> onReplace;
|
2020-07-27 20:43:58 +00:00
|
|
|
|
|
|
|
|
@override
|
2021-05-03 20:16:00 +00:00
|
|
|
_AddCertificateScreenState createState() => _AddCertificateScreenState();
|
2020-07-27 20:43:58 +00:00
|
|
|
}
|
|
|
|
|
|
2021-05-03 20:16:00 +00:00
|
|
|
class _AddCertificateScreenState extends State<AddCertificateScreen> {
|
2020-07-27 20:43:58 +00:00
|
|
|
String pubKey;
|
|
|
|
|
String privKey;
|
|
|
|
|
|
|
|
|
|
String inputType = 'paste';
|
|
|
|
|
|
|
|
|
|
final pasteController = TextEditingController();
|
|
|
|
|
static const platform = MethodChannel('net.defined.mobileNebula/NebulaVpnService');
|
|
|
|
|
|
|
|
|
|
@override
|
|
|
|
|
void initState() {
|
2021-05-03 20:16:00 +00:00
|
|
|
_generateKeys();
|
2020-07-27 20:43:58 +00:00
|
|
|
super.initState();
|
|
|
|
|
}
|
|
|
|
|
|
2020-08-31 23:32:40 +00:00
|
|
|
@override
|
|
|
|
|
void dispose() {
|
|
|
|
|
pasteController.dispose();
|
|
|
|
|
super.dispose();
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-27 20:43:58 +00:00
|
|
|
@override
|
|
|
|
|
Widget build(BuildContext context) {
|
2021-05-03 20:16:00 +00:00
|
|
|
if (pubKey == null) {
|
|
|
|
|
return Center(
|
|
|
|
|
child: PlatformCircularProgressIndicator(cupertino: (_, __) {
|
|
|
|
|
return CupertinoProgressIndicatorData(radius: 500);
|
|
|
|
|
}),
|
|
|
|
|
);
|
2020-07-27 20:43:58 +00:00
|
|
|
}
|
|
|
|
|
|
2021-05-03 20:16:00 +00:00
|
|
|
List<Widget> items = [];
|
|
|
|
|
items.addAll(_buildShare());
|
|
|
|
|
items.addAll(_buildLoadCert());
|
|
|
|
|
|
2020-07-27 20:43:58 +00:00
|
|
|
return SimplePage(title: 'Certificate', child: Column(children: items));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
_generateKeys() async {
|
|
|
|
|
try {
|
|
|
|
|
var kp = await platform.invokeMethod("nebula.generateKeyPair");
|
|
|
|
|
Map<String, dynamic> keyPair = jsonDecode(kp);
|
|
|
|
|
|
|
|
|
|
setState(() {
|
|
|
|
|
pubKey = keyPair['PublicKey'];
|
|
|
|
|
privKey = keyPair['PrivateKey'];
|
|
|
|
|
});
|
|
|
|
|
} on PlatformException catch (err) {
|
|
|
|
|
Utils.popError(context, 'Failed to generate key pair', err.details ?? err.message);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
List<Widget> _buildShare() {
|
|
|
|
|
return [
|
|
|
|
|
ConfigSection(
|
|
|
|
|
label: 'Share your public key with a nebula CA so they can sign and return a certificate',
|
|
|
|
|
children: [
|
|
|
|
|
ConfigItem(
|
|
|
|
|
labelWidth: 0,
|
2020-08-31 23:32:40 +00:00
|
|
|
content: SpecialSelectableText(pubKey, style: TextStyle(fontFamily: 'RobotoMono', fontSize: 14)),
|
2020-07-27 20:43:58 +00:00
|
|
|
),
|
|
|
|
|
ConfigButtonItem(
|
|
|
|
|
content: Text('Share Public Key'),
|
|
|
|
|
onPressed: () async {
|
2020-08-18 00:12:28 +00:00
|
|
|
await Share.share(title: 'Please sign and return a certificate', text: pubKey, filename: 'device.pub');
|
2020-07-27 20:43:58 +00:00
|
|
|
},
|
|
|
|
|
),
|
|
|
|
|
])
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
List<Widget> _buildLoadCert() {
|
|
|
|
|
List<Widget> items = [
|
|
|
|
|
Padding(
|
|
|
|
|
padding: EdgeInsets.fromLTRB(10, 25, 10, 0),
|
|
|
|
|
child: CupertinoSlidingSegmentedControl(
|
|
|
|
|
groupValue: inputType,
|
|
|
|
|
onValueChanged: (v) {
|
|
|
|
|
setState(() {
|
|
|
|
|
inputType = v;
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
children: {
|
|
|
|
|
'paste': Text('Copy/Paste'),
|
|
|
|
|
'file': Text('File'),
|
|
|
|
|
'qr': Text('QR Code'),
|
|
|
|
|
},
|
|
|
|
|
))
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
if (inputType == 'paste') {
|
|
|
|
|
items.addAll(_addPaste());
|
|
|
|
|
} else if (inputType == 'file') {
|
|
|
|
|
items.addAll(_addFile());
|
|
|
|
|
} else {
|
|
|
|
|
items.addAll(_addQr());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return items;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
List<Widget> _addPaste() {
|
|
|
|
|
return [
|
|
|
|
|
ConfigSection(
|
|
|
|
|
children: [
|
|
|
|
|
ConfigTextItem(
|
|
|
|
|
placeholder: 'Certificate PEM Contents',
|
|
|
|
|
controller: pasteController,
|
|
|
|
|
),
|
|
|
|
|
ConfigButtonItem(
|
|
|
|
|
content: Center(child: Text('Load Certificate')),
|
|
|
|
|
onPressed: () {
|
2021-05-03 20:16:00 +00:00
|
|
|
_addCertEntry(pasteController.text);
|
2020-07-27 20:43:58 +00:00
|
|
|
}),
|
|
|
|
|
],
|
|
|
|
|
)
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
List<Widget> _addFile() {
|
|
|
|
|
return [
|
|
|
|
|
ConfigSection(
|
|
|
|
|
children: [
|
|
|
|
|
ConfigButtonItem(
|
|
|
|
|
content: Center(child: Text('Choose a file')),
|
|
|
|
|
onPressed: () async {
|
|
|
|
|
try {
|
2021-04-23 17:33:28 +00:00
|
|
|
final content = await Utils.pickFile(context);
|
|
|
|
|
if (content == null) {
|
2020-07-27 20:43:58 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-03 20:16:00 +00:00
|
|
|
_addCertEntry(content);
|
2020-07-27 20:43:58 +00:00
|
|
|
} catch (err) {
|
2021-04-23 17:33:28 +00:00
|
|
|
return Utils.popError(context, 'Failed to load certificate file', err.toString());
|
2020-07-27 20:43:58 +00:00
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
],
|
|
|
|
|
)
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
List<Widget> _addQr() {
|
|
|
|
|
return [
|
|
|
|
|
ConfigSection(
|
|
|
|
|
children: [
|
|
|
|
|
ConfigButtonItem(
|
|
|
|
|
content: Text('Scan a QR code'),
|
|
|
|
|
onPressed: () async {
|
|
|
|
|
var options = ScanOptions(
|
|
|
|
|
restrictFormat: [BarcodeFormat.qr],
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
var result = await BarcodeScanner.scan(options: options);
|
|
|
|
|
if (result.rawContent != "") {
|
2021-05-03 20:16:00 +00:00
|
|
|
_addCertEntry(result.rawContent);
|
2020-07-27 20:43:58 +00:00
|
|
|
}
|
|
|
|
|
}),
|
|
|
|
|
],
|
|
|
|
|
)
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-03 20:16:00 +00:00
|
|
|
_addCertEntry(String rawCert) async {
|
2020-08-07 22:44:40 +00:00
|
|
|
// Allow for app store review testing cert to override the generated key
|
|
|
|
|
if (rawCert.trim() == _testCert) {
|
|
|
|
|
privKey = _testKey;
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-27 20:43:58 +00:00
|
|
|
try {
|
|
|
|
|
var rawCerts = await platform.invokeMethod("nebula.parseCerts", <String, String>{"certs": rawCert});
|
2021-05-03 20:16:00 +00:00
|
|
|
|
2020-07-27 20:43:58 +00:00
|
|
|
List<dynamic> certs = jsonDecode(rawCerts);
|
|
|
|
|
if (certs.length > 0) {
|
2021-05-03 20:16:00 +00:00
|
|
|
var tryCertInfo = CertificateInfo.fromJson(certs.first);
|
|
|
|
|
if (tryCertInfo.cert.details.isCa) {
|
|
|
|
|
return Utils.popError(context, 'Error loading certificate content',
|
|
|
|
|
'A certificate authority is not appropriate for a client certificate.');
|
|
|
|
|
} else if (!tryCertInfo.validity.valid) {
|
|
|
|
|
return Utils.popError(context, 'Certificate was invalid', tryCertInfo.validity.reason);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//TODO: test that the pubkey we generated equals the pub key in the cert
|
|
|
|
|
|
|
|
|
|
// If we are replacing we just return the results now
|
|
|
|
|
if (widget.onReplace != null) {
|
|
|
|
|
Navigator.pop(context);
|
|
|
|
|
widget.onReplace(CertificateResult(certInfo: tryCertInfo, key: privKey));
|
|
|
|
|
return;
|
2020-08-10 15:48:00 +00:00
|
|
|
}
|
2021-05-03 20:16:00 +00:00
|
|
|
|
|
|
|
|
// We have a cert, pop the details screen where they can hit save
|
|
|
|
|
Utils.openPage(context, (context) {
|
|
|
|
|
return CertificateDetailsScreen(
|
|
|
|
|
certInfo: tryCertInfo,
|
|
|
|
|
onSave: () {
|
|
|
|
|
Navigator.pop(context);
|
|
|
|
|
widget.onSave(CertificateResult(certInfo: tryCertInfo, key: privKey));
|
|
|
|
|
});
|
|
|
|
|
});
|
2020-07-27 20:43:58 +00:00
|
|
|
}
|
|
|
|
|
} on PlatformException catch (err) {
|
2021-05-03 20:16:00 +00:00
|
|
|
return Utils.popError(context, 'Error loading certificate content', err.details ?? err.message);
|
2020-07-27 20:43:58 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-08-07 22:44:40 +00:00
|
|
|
|
|
|
|
|
// This a cert that if presented will swap the key to assist the app review process
|
|
|
|
|
const _testCert = '''-----BEGIN NEBULA CERTIFICATE-----
|
|
|
|
|
CpMBChdBcHAgU3RvcmUgUmV2aWV3IERldmljZRIKgpSghQyA/v//DyIGcmV2aWV3
|
|
|
|
|
IhRiNzJjZThiZWM5MDYwYTA3MmNmMSjvk7f5BTCPnYf0BzogYHa3YoNcFJxKX8bU
|
|
|
|
|
jK4pg0aIYxDkwk8aM7w1c+CQXSpKICx06NYtozgKaA2R9NO311D8T86iTXxLmjI4
|
|
|
|
|
0wzAXCSmEkCi9ocqtyQhNp75eKphqVlZNl1RXBo4hdY9jBdc9+b9o0bU4zxFxIRT
|
|
|
|
|
uDneQqytYS+BUfgNnGX5wsMxOEst/kkC
|
|
|
|
|
-----END NEBULA CERTIFICATE-----''';
|
|
|
|
|
|
|
|
|
|
const _testKey = '''-----BEGIN NEBULA X25519 PRIVATE KEY-----
|
|
|
|
|
UlyDdFn/2mLFykeWjCEwWVRSDHtMF7nz3At3O77Faf4=
|
|
|
|
|
-----END NEBULA X25519 PRIVATE KEY-----''';
|
