Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Generate SSH keys on the device #963

Closed
wants to merge 8 commits into from
Closed

Generate SSH keys on the device #963

wants to merge 8 commits into from

Conversation

amberin
Copy link
Contributor

@amberin amberin commented Aug 31, 2022

N. B. This branch builds on top of #948.

Includes some minor general polish of Git-related code.

@amberin
Copy link
Contributor Author

amberin commented Dec 2, 2022

Commit da79faf resolves #785. I forgot to mention that in the commit message.

@amberin amberin mentioned this pull request Dec 2, 2022
N.B. Requires API >= 26.

Apache MINA SSHD is now the standard SSH transport library for JGit. It
supports more modern key algorithms than Jsch.

I have added a notification prompt to the user upon new or unexpected SSH
server host key. I have no idea what I'm doing, but it seems to work.
A generated key can optionally be protected by biometric auth or device
credential. This makes it harder to steal, but will obviously not play
well with auto-sync.

The default key type is EDCSA. ED25519 keys are faster, but not
supported natively by the Android key store. The methods currently
called when unlocking a ED25519 key do not respect the validity duration
setting, which means that the key needs to be unlocked before each use.
This may be twice during a sync, if we need to both fetch and push. RSA
and EDCSA keys respect the validity duration setting, meaning we leave
them unlocked for 15 seconds.

A way to speed up Git syncing while requiring auth upon each key use
would be to use SSH multiplexing and keep the SSH session open until we
push (or decide not to push).

I raised the minimum SDK version from 21 to 23. Otherwise we cannot
include android-crypto in the manifest.

N.B. Much of this code has been taken and re-worked from
https://github.com/android-password-store/Android-Password-Store. That
project is also GPL-3.0, but I don't know how to properly attribute
those authors in the Orgzly code base.
- Make "git push" run blocking. Mostly to make the "syncing in progress"
status information more reliable.
- Show more informative snackbar when "git push" goes wrong. The user
will now find out if pushing fails because of e.g. missing write
permission.
- Remove two unused methods and an unused return value.
- Tidy up some variables.
The TransportException class path was wrong, so the exception type was
not being recognized.

Make an attempt to find the cause if JGit throws the generic "remote
hung up unexpectedly" exception.
We were always ending up in RepoCloneTask.

Separate two different error cases, so that we can actually distinguish
between them.
Also, use more specific inputTypes.

Also, fix the branch name always showing as the default value
@amberin
Copy link
Contributor Author

amberin commented Dec 4, 2022

To anyone trying to run this code: You also need to merge #916 into your build, otherwise Orgzly has insufficient permissions in external storage to create the Git workdir.

@Xanaxus
Copy link

Xanaxus commented Feb 8, 2023

So to get this working, we need to build our own package?

@wiktor-k
Copy link

@amberin Would you be so kind to share a debug build of Orgzly apk that you're using?

You've made numerous improvements to the app but from what I can see the review can take a little bit of time. Me (and I guess a couple of other folks) would be happy to... err... beta-test your changes :)

The git repo sync that's in stable is completely broken and following your issues / PRs it seems it will take some time to fix that.

Thanks for your work & time! 👋

@amberin
Copy link
Contributor Author

amberin commented Mar 19, 2023

@wiktor-k wrote:

@amberin Would you be so kind to share a debug build of Orgzly apk that you're using?

Sure. I just made a build off this branch https://github.com/amberin/orgzly-android/commits/faster-git-syncing and uploaded it to a site that I control: https://www.koloni.info/orgzly-fdroid-debug-amberin-738c3e5.apk

It's a build with all my latest changes which is working well for me. Be aware that I recently implemented deleting notebooks from the remote repository...

Obviously, I give no guarantees that this APK will not completely ruin your Org files or your phone. :)

I only have time to sit down with this a few times per year, so any bugs will not be fixed quickly. But it would be awesome if more people used the Git feature and could contribute to it.

I guess this might also interest @Xanaxus @tillmann @maikol-solis @mtekman.

@Xanaxus
Copy link

Xanaxus commented Mar 19, 2023

Hey so i did give it go just now and i got an error which says that the said packagee is invalid

I am using an oppo reno 6 5g variant

@amberin
Copy link
Contributor Author

amberin commented Mar 19, 2023

Hey so i did give it go just now and i got an error which says that the said packagee is invalid

I am using an oppo reno 6 5g variant

@Xanaxus Sorry, I uploaded the wrong APK. The link should work now. (It works for a friend of mine.)

@amberin
Copy link
Contributor Author

amberin commented Mar 19, 2023

Closing this in favor of #1037.

@amberin amberin closed this Mar 19, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants