mirror
/
FairEmail
mirror of https://github.com/M66B/FairEmail.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Added VirusTotal upload

This commit is contained in:
M66B 2022-07-24 21:17:10 +02:00
parent 057c4f7b8e
commit 3606401af8
7 changed files with 225 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
PRIVACY.md
View File

@ -70,6 +70,7 @@ This table provides a complete overview of all shared data and the conditions un
| DeepL | Received or entered message text and target language code | If translating is enabled, upon pressing a translate button |
| LanguageTool | Entered message texts | If LanguageTools is enabled, upon long pressing the save draft button |
| VirusTotal | [SHA-256 hash](https://en.wikipedia.org/wiki/SHA-2) of attachments | If VirusTotal is enabled, upon long pressing a scan button (*) |
| VirusTotal | Attached file contents | If VirusTotal is enabled, upon long pressing an upload button (*) |
| Gravatar | [MD5 hash](https://en.wikipedia.org/wiki/MD5) of email addresses | If Gravatars are enabled, upon receiving a message (*) |
| Libravatar | [MD5 hash](https://en.wikipedia.org/wiki/MD5) of email addresses | If Libravatars are enabled, upon receiving a message (*) |
| GitHub | None, but see the remarks below | Upon downloading Disconnect's Tracker Protection lists |

6
app/src/dummy/java/eu/faircode/email/VirusTotal.java
View File

@ -27,11 +27,15 @@ import java.io.File;
public class VirusTotal {
static final String URI_PRIVACY = "";
static String getUrl(File file) {
return null;
}
static Bundle lookup(Context context, File file, String apiKey) {
return null;
}
static Bundle upload(Context context, File file, String apiKey) {
static Bundle upload(Context context, File file, String apiKey, Runnable analyzing) {
return null;
}
}

44
app/src/extra/java/eu/faircode/email/VirusTotal.java
View File

@ -21,7 +21,6 @@ package eu.faircode.email;
import android.content.Context;
import android.os.Bundle;
import android.text.TextUtils;
import android.util.Pair;
import org.json.JSONArray;
@ -50,30 +49,20 @@ public class VirusTotal {
private static final long VT_ANALYSIS_WAIT = 6000L; // milliseconds
private static final int VT_ANALYSIS_CHECKS = 50; // 50 x 6 sec = 5 minutes
static String getUrl(File file) throws IOException, NoSuchAlgorithmException {
return URI_ENDPOINT + "gui/file/" + getHash(file);
}
static Bundle lookup(Context context, File file, String apiKey) throws NoSuchAlgorithmException, IOException, JSONException {
String hash;
try (InputStream is = new FileInputStream(file)) {
hash = Helper.getHash(is, "SHA-256");
}
String uri = URI_ENDPOINT + "gui/file/" + hash;
Log.i("VT uri=" + uri);
Bundle result = new Bundle();
result.putString("uri", uri);
if (TextUtils.isEmpty(apiKey))
return result;
Pair<Integer, String> response = call(context, "api/v3/files/" + hash, apiKey);
if (response.first != HttpsURLConnection.HTTP_OK &&
response.first != HttpsURLConnection.HTTP_NOT_FOUND)
throw new FileNotFoundException(response.second);
Pair<Integer, String> response = call(context, "api/v3/files/" + getHash(file), apiKey);
if (response.first == HttpsURLConnection.HTTP_NOT_FOUND) {
result.putInt("count", 0);
result.putInt("malicious", 0);
} else {
} else if (response.first != HttpsURLConnection.HTTP_OK)
throw new FileNotFoundException(response.second);
else {
// https://developers.virustotal.com/reference/files
// Example: https://gist.github.com/M66B/4ea95fdb93fb10bf4047761fcc9ec21a
JSONObject jroot = new JSONObject(response.second);
@ -91,14 +80,14 @@ public class VirusTotal {
String name = jnames.getString(i);
JSONObject jresult = janalysis.getJSONObject(name);
String category = jresult.getString("category");
Log.i("VT " + name + "=" + category);
//Log.i("VT " + name + "=" + category);
if (!"type-unsupported".equals(category))
count++;
if ("malicious".equals(category))
malicious++;
}
Log.i("VT analysis=" + malicious + "/" + count + " label=" + label);
Log.i("VT lookup=" + malicious + "/" + count + " label=" + label);
result.putInt("count", count);
result.putInt("malicious", malicious);
@ -108,7 +97,8 @@ public class VirusTotal {
return result;
}
static void upload(Context context, File file, String apiKey) throws IOException, JSONException, InterruptedException, TimeoutException {
static void upload(Context context, File file, String apiKey, Runnable analyzing)
throws IOException, JSONException, InterruptedException, TimeoutException {
// Get upload URL
Pair<Integer, String> response = call(context, "api/v3/files/upload_url", apiKey);
if (response.first != HttpsURLConnection.HTTP_OK)
@ -186,6 +176,8 @@ public class VirusTotal {
// Get analysis result
for (int i = 0; i < VT_ANALYSIS_CHECKS; i++) {
analyzing.run();
Pair<Integer, String> analyses = call(context, "api/v3/analyses/" + id, apiKey);
if (analyses.first != HttpsURLConnection.HTTP_OK)
throw new FileNotFoundException(analyses.second);
@ -205,7 +197,13 @@ public class VirusTotal {
throw new TimeoutException("Analysis");
}
static Pair<Integer, String> call(Context context, String api, String apiKey) throws IOException {
private static String getHash(File file) throws IOException, NoSuchAlgorithmException {
try (InputStream is = new FileInputStream(file)) {
return Helper.getHash(is, "SHA-256");
}
}
private static Pair<Integer, String> call(Context context, String api, String apiKey) throws IOException {
URL url = new URL(URI_ENDPOINT + api);
HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
connection.setRequestMethod("GET");

197
app/src/main/java/eu/faircode/email/AdapterAttachment.java
View File

@ -30,6 +30,7 @@ import android.text.TextUtils;
import android.view.LayoutInflater;
import android.view.View;
import android.view.ViewGroup;
import android.widget.Button;
import android.widget.ImageButton;
import android.widget.ImageView;
import android.widget.ProgressBar;
@ -319,95 +320,165 @@ public class AdapterAttachment extends RecyclerView.Adapter<AdapterAttachment.Vi
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(context);
String apiKey = prefs.getString("vt_apikey", null);
Bundle args = new Bundle();
args.putSerializable("file", attachment.getFile(context));
args.putString("apiKey", apiKey);
View view = LayoutInflater.from(context).inflate(R.layout.dialog_virus_total, null);
final TextView tvName = view.findViewById(R.id.tvName);
final ProgressBar pbAnalysis = view.findViewById(R.id.pbAnalysis);
final TextView tvCount = view.findViewById(R.id.tvCount);
final TextView tvLabel = view.findViewById(R.id.tvLabel);
final TextView tvUnknown = view.findViewById(R.id.tvUnknown);
final Button btnUpload = view.findViewById(R.id.btnUpload);
final ProgressBar pbUpload = view.findViewById(R.id.pbUpload);
final ProgressBar pbWait = view.findViewById(R.id.pbWait);
final TextView tvAnalyzing = view.findViewById(R.id.tvAnalyzing);
final Group grpAnalysis = view.findViewById(R.id.grpAnalysis);
tvName.setText(attachment.name);
tvLabel.setVisibility(View.GONE);
tvUnknown.setVisibility(View.GONE);
btnUpload.setVisibility(View.GONE);
pbUpload.setVisibility(View.GONE);
tvAnalyzing.setVisibility(View.GONE);
grpAnalysis.setVisibility(View.GONE);
Bundle args = new Bundle();
args.putString("apiKey", apiKey);
args.putSerializable("file", attachment.getFile(context));
final SimpleTask<Bundle> taskLookup = new SimpleTask<Bundle>() {
@Override
protected void onPreExecute(Bundle args) {
pbWait.setVisibility(View.VISIBLE);
}
@Override
protected void onPostExecute(Bundle args) {
pbWait.setVisibility(View.GONE);
}
new SimpleTask<Bundle>() {
@Override
protected Bundle onExecute(Context context, Bundle args) throws Throwable {
File file = (File) args.getSerializable("file");
String apiKey = args.getString("apiKey");
File file = (File) args.getSerializable("file");
return VirusTotal.lookup(context, file, apiKey);
}
@Override
protected void onExecuted(Bundle args, Bundle result) {
String uri = result.getString("uri");
int count = result.getInt("count", -1);
int malicious = result.getInt("malicious", -1);
String label = result.getString("label");
if (count < 0) {
Helper.view(context, Uri.parse(uri), true);
return;
}
View view = LayoutInflater.from(context).inflate(R.layout.dialog_virus_total, null);
final TextView tvName = view.findViewById(R.id.tvName);
final ProgressBar pbAnalysis = view.findViewById(R.id.pbAnalysis);
final TextView tvCount = view.findViewById(R.id.tvCount);
final TextView tvLabel = view.findViewById(R.id.tvLabel);
final TextView tvUnknown = view.findViewById(R.id.tvUnknown);
final Group grpAnalysis = view.findViewById(R.id.grpAnalysis);
tvName.setText(attachment.name);
pbAnalysis.setMax(count);
pbAnalysis.setProgress(malicious);
tvCount.setText(malicious + "/" + count);
tvLabel.setText(label);
tvLabel.setVisibility(TextUtils.isEmpty(label) ? View.GONE : View.VISIBLE);
tvUnknown.setVisibility(count == 0 ? View.VISIBLE : View.GONE);
btnUpload.setVisibility(count == 0 && !TextUtils.isEmpty(apiKey) ? View.VISIBLE : View.GONE);
grpAnalysis.setVisibility(count == 0 ? View.GONE : View.VISIBLE);
AlertDialog.Builder builder = new AlertDialog.Builder(context)
.setView(view)
.setPositiveButton(R.string.title_info, new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialogInterface, int i) {
Helper.view(context, Uri.parse(uri), true);
}
})
.setNegativeButton(android.R.string.cancel, null);
if (!TextUtils.isEmpty(apiKey) && BuildConfig.DEBUG)
builder.setNeutralButton("Upload", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialogInterface, int i) {
new SimpleTask<Void>() {
@Override
protected Void onExecute(Context context, Bundle args) throws Throwable {
File file = (File) args.getSerializable("file");
String apiKey = args.getString("apiKey");
VirusTotal.upload(context, file, apiKey);
return null;
}
@Override
protected void onException(Bundle args, Throwable ex) {
Log.unexpectedError(parentFragment.getParentFragmentManager(), ex);
}
}.execute(context, owner, args, "attachment:upload");
}
});
AlertDialog dialog = builder.create();
dialog.show();
powner.getLifecycle().addObserver(new LifecycleObserver() {
@OnLifecycleEvent(Lifecycle.Event.ON_DESTROY)
public void onDestroy() {
dialog.dismiss();
powner.getLifecycle().removeObserver(this);
}
});
}
@Override
protected void onException(Bundle args, Throwable ex) {
Log.unexpectedError(parentFragment.getParentFragmentManager(), ex);
}
}.execute(context, owner, args, "attachment:scan");
};
final SimpleTask<Void> taskUpload = new SimpleTask<Void>() {
@Override
protected void onPreExecute(Bundle args) {
btnUpload.setEnabled(false);
pbUpload.setVisibility(View.VISIBLE);
}
@Override
protected void onPostExecute(Bundle args) {
btnUpload.setEnabled(true);
tvAnalyzing.setVisibility(View.GONE);
pbUpload.setVisibility(View.GONE);
}
@Override
protected Void onExecute(Context context, Bundle args) throws Throwable {
String apiKey = args.getString("apiKey");
File file = (File) args.getSerializable("file");
VirusTotal.upload(context, file, apiKey, new Runnable() {
private int step = 0;
@Override
public void run() {
postProgress(Integer.toString(++step));
}
});
return null;
}
@Override
protected void onProgress(CharSequence status, Bundle data) {
tvAnalyzing.setVisibility(View.VISIBLE);
}
@Override
protected void onExecuted(Bundle args, Void data) {
taskLookup.execute(context, owner, args, "attachment:lookup");
}
@Override
protected void onException(Bundle args, Throwable ex) {
Log.unexpectedError(parentFragment.getParentFragmentManager(), ex);
}
};
final SimpleTask<String> taskUrl = new SimpleTask<String>() {
@Override
protected String onExecute(Context context, Bundle args) throws Throwable {
File file = (File) args.getSerializable("file");
return VirusTotal.getUrl(file);
}
@Override
protected void onExecuted(Bundle args, String uri) {
Helper.view(context, Uri.parse(uri), true);
}
@Override
protected void onException(Bundle args, Throwable ex) {
Log.unexpectedError(parentFragment.getParentFragmentManager(), ex);
}
};
btnUpload.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
taskUpload.execute(context, owner, args, "attachment:upload");
}
});
if (!TextUtils.isEmpty(apiKey))
taskLookup.execute(context, owner, args, "attachment:lookup");
else
pbWait.setVisibility(View.GONE);
AlertDialog.Builder builder = new AlertDialog.Builder(context)
.setView(view)
.setPositiveButton(R.string.title_info, new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialogInterface, int i) {
taskUrl.execute(context, owner, args, "attachment:virustotal");
}
})
.setNegativeButton(android.R.string.cancel, null);
AlertDialog dialog = builder.create();
dialog.show();
powner.getLifecycle().addObserver(new LifecycleObserver() {
@OnLifecycleEvent(Lifecycle.Event.ON_DESTROY)
public void onDestroy() {
dialog.dismiss();
powner.getLifecycle().removeObserver(this);
}
});
}
private void onShare(EntityAttachment attachment) {

18
app/src/main/res/drawable/twotone_file_upload_24.xml Normal file
View File

@ -0,0 +1,18 @@
<vector xmlns:android="http://schemas.android.com/apk/res/android"
android:width="24dp"
android:height="24dp"
android:viewportWidth="24"
android:viewportHeight="24"
android:tint="?attr/colorControlNormal">
<path
android:fillColor="@android:color/white"
android:pathData="M9.83,8l1.17,0l0,6l2,0l0,-6l1.17,0l-2.17,-2.17z"
android:strokeAlpha="0.3"
android:fillAlpha="0.3"/>
<path
android:fillColor="@android:color/white"
android:pathData="M5,18h14v2h-14z"/>
<path
android:fillColor="@android:color/white"
android:pathData="M5,10h4v6h6v-6h4l-7,-7L5,10zM13,8v6h-2V8H9.83L12,5.83L14.17,8H13z"/>
</vector>

44
app/src/main/res/layout/dialog_virus_total.xml
View File

@ -84,6 +84,50 @@
app:layout_constraintStart_toStartOf="parent"
app:layout_constraintTop_toBottomOf="@id/tvLabel" />
<Button
android:id="@+id/btnUpload"
style="?android:attr/buttonStyleSmall"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_marginTop="12dp"
android:drawableEnd="@drawable/twotone_file_upload_24"
android:drawablePadding="6dp"
android:text="@string/title_vt_upload"
app:layout_constraintStart_toStartOf="parent"
app:layout_constraintTop_toBottomOf="@id/tvUnknown" />
<eu.faircode.email.ContentLoadingProgressBar
android:id="@+id/pbUpload"
style="@style/Base.Widget.AppCompat.ProgressBar"
android:layout_width="24dp"
android:layout_height="24dp"
android:layout_marginStart="12dp"
android:indeterminate="true"
app:layout_constraintBottom_toBottomOf="@id/btnUpload"
app:layout_constraintStart_toEndOf="@id/btnUpload"
app:layout_constraintTop_toTopOf="@id/btnUpload" />
<TextView
android:id="@+id/tvAnalyzing"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_marginTop="6dp"
android:text="@string/title_vt_analyzing"
android:textAppearance="@style/TextAppearance.AppCompat.Small"
app:layout_constraintStart_toStartOf="parent"
app:layout_constraintTop_toBottomOf="@id/btnUpload" />
<eu.faircode.email.ContentLoadingProgressBar
android:id="@+id/pbWait"
style="@style/Base.Widget.AppCompat.ProgressBar"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:indeterminate="true"
app:layout_constraintBottom_toBottomOf="parent"
app:layout_constraintEnd_toEndOf="parent"
app:layout_constraintStart_toStartOf="parent"
app:layout_constraintTop_toTopOf="parent" />
<androidx.constraintlayout.widget.Group
android:id="@+id/grpAnalysis"
android:layout_width="0dp"

2
app/src/main/res/values/strings.xml
View File

@ -1469,6 +1469,8 @@
<string name="title_send_receipt_remark">Most providers and email clients ignore receipt requests</string>
<string name="title_vt_count">Number of virus scanners that flag this file as malicious:</string>
<string name="title_vt_unknown">This file hasn\'t been seen by VirusTotal before, so it has not been scanned yet</string>
<string name="title_vt_upload">Upload</string>
<string name="title_vt_analyzing">Analyzing, this may take a while &#8230;</string>
<string name="title_from_missing">Sender missing</string>
<string name="title_pgp_reminder">PGP keys available</string>