ca16651d69
Production security audit (OWASP-aligned, prod-only scope): - Default TOFU to REJECT when no UI handler (prevents silent accept during service-start window) - Add FLAG_SECURE with preventScreenCapture preference (default ON, Settings → Security) - Sanitize bracketed paste content (strip \e[200~/\e[201~ to prevent paste-escape injection) - Add VaultCrypto ProGuard keep rule (prevents R8 stripping JNI methods in release) - Create network_security_config.xml (system CAs only, cleartext disabled) - Add compiler hardening flags to both native modules (-fstack-protector-strong, -D_FORTIFY_SOURCE=2) - Set EXTRA_IS_SENSITIVE on all clipboard writes (terminal copy, key copy, SFTP path copy) - Remove file:// from URL detection (prevents local file access via crafted terminal output) - Verify signing certificate in pro APK migration (prevents fake APK granting free features) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
55 lines
1.6 KiB
Prolog
55 lines
1.6 KiB
Prolog
# SSH Workbench ProGuard Rules
|
|
|
|
# --- SSHJ + BouncyCastle ---
|
|
# SSHJ uses reflection for algorithm discovery and BouncyCastle provider registration
|
|
-keep class net.schmizz.sshj.** { *; }
|
|
-keep class com.hierynomus.** { *; }
|
|
-keep class org.bouncycastle.** { *; }
|
|
-dontwarn org.bouncycastle.**
|
|
-dontwarn net.schmizz.sshj.**
|
|
-dontwarn com.hierynomus.**
|
|
-dontwarn sun.security.x509.**
|
|
-keep class net.i2p.crypto.eddsa.** { *; }
|
|
|
|
# BouncyCastle security provider — registered via reflection
|
|
-keep class org.bouncycastle.jce.provider.BouncyCastleProvider { *; }
|
|
-keep class org.bouncycastle.jcajce.provider.** { *; }
|
|
|
|
# SLF4J — used by SSHJ for logging
|
|
-dontwarn org.slf4j.**
|
|
-keep class org.slf4j.** { *; }
|
|
|
|
# --- JNI ---
|
|
# PtyNative JNI methods must not be renamed
|
|
-keepclasseswithmembers class com.roundingmobile.sshworkbench.terminal.PtyNative {
|
|
native <methods>;
|
|
}
|
|
|
|
# VaultCrypto JNI methods must not be renamed
|
|
-keepclasseswithmembers class com.roundingmobile.vaultcrypto.VaultCrypto {
|
|
native <methods>;
|
|
*;
|
|
}
|
|
|
|
# --- Room ---
|
|
# Room entities and DAOs
|
|
-keep class com.roundingmobile.sshworkbench.data.local.** { *; }
|
|
|
|
# --- Hilt ---
|
|
# Hilt-generated classes
|
|
-dontwarn dagger.hilt.**
|
|
-keep class dagger.hilt.** { *; }
|
|
-keep class * extends dagger.hilt.android.internal.managers.ViewComponentManager$FragmentContextWrapper { *; }
|
|
|
|
# --- Kotlin ---
|
|
-dontwarn kotlin.**
|
|
-dontwarn kotlinx.**
|
|
|
|
# --- Stack traces ---
|
|
-keepattributes SourceFile,LineNumberTable
|
|
-renamesourcefileattribute SourceFile
|
|
|
|
# --- Kotlin serialization (if used) ---
|
|
-keepattributes *Annotation*
|
|
-keepattributes Signature
|
|
-keepattributes Exceptions
|