Fix name resolving on Android

Fix window hiding on startup on Android

.github/workflows/deploy.yml

@@ -10,12 +10,13 @@ env:
 
 jobs:
   Build-Linux-Ubuntu:
-    name: 'Build-Linux-Ubuntu'
     runs-on: ubuntu-20.04
 
     env:
       QT_VERSION: 6.6.2
       QIF_VERSION: 4.7
+      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
+      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Install Qt'
@@ -65,16 +66,24 @@ jobs:
         path: deploy/AppDir
         retention-days: 7
 
+    - name: 'Upload translations artifact'
+      uses: actions/upload-artifact@v4
+      with:
+        name: AmneziaVPN_translations
+        path: client/translations
+        retention-days: 7
+
 # ------------------------------------------------------
 
   Build-Windows:
-    name: Build-Windows
     runs-on: windows-latest
 
     env:
       QT_VERSION: 6.6.2
       QIF_VERSION: 4.7
       BUILD_ARCH: 64
+      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
+      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Get sources'
@@ -130,13 +139,14 @@ jobs:
 # ------------------------------------------------------
 
   Build-iOS:
-    name: 'Build-iOS'
     runs-on: macos-13
 
     env:
       QT_VERSION: 6.6.2
       CC: cc
       CXX: c++
+      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
+      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Setup xcode'
@@ -221,13 +231,14 @@ jobs:
 # ------------------------------------------------------
 
   Build-MacOS:
-    name: 'Build-MacOS'
     runs-on: macos-latest
 
     env:
       # Keep compat with MacOS 10.15 aka Catalina by Qt 6.4
       QT_VERSION: 6.4.3
       QIF_VERSION: 4.6
+      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
+      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Setup xcode'
@@ -286,28 +297,29 @@ jobs:
 # ------------------------------------------------------
 
   Build-Android:
-    name: 'Build-Android'
     runs-on: ubuntu-latest
 
     env:
       ANDROID_BUILD_PLATFORM: android-34
-      QT_VERSION: 6.6.2
+      QT_VERSION: 6.7.2
       QT_MODULES: 'qtremoteobjects qt5compat qtimageformats qtshadertools'
+      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
+      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Install desktop Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
       with:
         version: ${{ env.QT_VERSION }}
         host: 'linux'
         target: 'desktop'
-        arch: 'gcc_64'
+        arch: 'linux_gcc_64'
         modules: ${{ env.QT_MODULES }}
         dir: ${{ runner.temp }}
         extra: '--external 7z --base ${{ env.QT_MIRROR }}'
 
     - name: 'Install android_x86_64 Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
       with:
         version: ${{ env.QT_VERSION }}
         host: 'linux'
@@ -318,7 +330,7 @@ jobs:
         extra: '--external 7z --base ${{ env.QT_MIRROR }}'
 
     - name: 'Install android_x86 Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
       with:
         version: ${{ env.QT_VERSION }}
         host: 'linux'
@@ -329,7 +341,7 @@ jobs:
         extra: '--external 7z --base ${{ env.QT_MIRROR }}'
 
     - name: 'Install android_armv7 Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
       with:
         version: ${{ env.QT_VERSION }}
         host: 'linux'
@@ -340,7 +352,7 @@ jobs:
         extra: '--external 7z --base ${{ env.QT_MIRROR }}'
 
     - name: 'Install android_arm64_v8a Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
       with:
         version: ${{ env.QT_VERSION }}
         host: 'linux'
@@ -432,3 +444,21 @@ jobs:
         path: deploy/build/AmneziaVPN-release.aab
         compression-level: 0
         retention-days: 7
+
+  Extra:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Search a corresponding PR
+        uses: octokit/request-action@v2.x
+        id: pull_request
+        with:
+          route: GET /repos/${{ github.repository }}/pulls
+          head: ${{ github.repository_owner }}:${{ github.ref_name }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Add PR link to build summary
+        if: ${{ fromJSON(steps.pull_request.outputs.data)[0].number != '' }}
+        run: | 
+          echo "Pull request:" >> $GITHUB_STEP_SUMMARY
+          echo "[[#${{ fromJSON(steps.pull_request.outputs.data)[0].number }}] ${{ fromJSON(steps.pull_request.outputs.data)[0].title }}](${{ fromJSON(steps.pull_request.outputs.data)[0].html_url }})" >> $GITHUB_STEP_SUMMARY

.github/workflows/tag-deploy.yml

@@ -15,6 +15,8 @@ jobs:
     env:
       QT_VERSION: 6.4.1
       QIF_VERSION: 4.5
+      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
+      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Install desktop Qt'

.gitmodules

@@ -13,3 +13,6 @@
 [submodule "client/3rd/amneziawg-apple"]
 	path = client/3rd/amneziawg-apple
 	url = https://github.com/amnezia-vpn/amneziawg-apple
+[submodule "client/3rd/QSimpleCrypto"]
+	path = client/3rd/QSimpleCrypto
+	url = https://github.com/amnezia-vpn/QSimpleCrypto.git

CMakeLists.txt

@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)
 
 set(PROJECT AmneziaVPN)
 
-project(${PROJECT} VERSION 4.5.3.0
+project(${PROJECT} VERSION 4.8.0.1
         DESCRIPTION "AmneziaVPN"
         HOMEPAGE_URL "https://amnezia.org/"
 )
@@ -11,7 +11,7 @@ string(TIMESTAMP CURRENT_DATE "%Y-%m-%d")
 set(RELEASE_DATE "${CURRENT_DATE}")
 
 set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
-set(APP_ANDROID_VERSION_CODE 52)
+set(APP_ANDROID_VERSION_CODE 59)
 
 if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
     set(MZ_PLATFORM_NAME "linux")

README.md

@@ -6,20 +6,44 @@
 
 Amnezia is an open-source VPN client, with a key feature that enables you to deploy your own VPN server on your server.
 
+![Image](https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/uipic4.png)
+
+<br>
+
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.7.0.0/AmneziaVPN_4.7.0.0_x64.exe"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/win.png" width="150" style="max-width: 100%;"></a> 
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.7.0.0/AmneziaVPN_4.7.0.0.dmg"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/mac.png" width="150" style="max-width: 100%;"></a> 
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.7.0.0/AmneziaVPN_Linux_4.7.0.0.tar.zip"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/lin.png" width="150" style="max-width: 100%;"></a>
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/tag/4.7.0.0"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/andr.png" width="150" style="max-width: 100%;"></a>
+
+<br>
+
+<a href="https://play.google.com/store/search?q=amnezia+vpn&c=apps"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/play.png" width="150" style="max-width: 100%;"></a>
+<a href="https://apps.apple.com/us/app/amneziavpn/id1600529900"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/apl.png" width="150" style="max-width: 100%;"></a>
+
+
+[All releases](https://github.com/amnezia-vpn/amnezia-client/releases)
+
+<br>
+
+
 ## Features
 
-- Very easy to use - enter your IP address, SSH login, and password, and Amnezia will automatically install VPN docker containers to your server and connect to the VPN.
-- OpenVPN, ShadowSocks, WireGuard, and IKEv2 protocols support.
-- Masking VPN with OpenVPN over Cloak plugin
-- Split tunneling support - add any sites to the client to enable VPN only for them (only for desktops)
+- Very easy to use - enter your IP address, SSH login, password and Amnezia will automatically install VPN docker containers to your server and connect to the VPN.
+- Classic VPN-protocols: OpenVPN, WireGuard and IKEv2 protocols.
+- Protocols with traffic Masking (Obfuscation): OpenVPN over [Cloak](https://github.com/cbeuw/Cloak) plugin, Shadowsocks (OpenVPN over Shadowsocks), [AmneziaWG](https://docs.amnezia.org/documentation/amnezia-wg/) and XRay.
+- Split tunneling support - add any sites to the client to enable VPN only for them or add Apps (only for Android and Desktop).
 - Windows, MacOS, Linux, Android, iOS releases.
+- Support for AmneziaWG protocol configuration on [Keenetic beta firmware](https://docs.keenetic.com/ua/air/kn-1611/en/6319-latest-development-release.html#UUID-186c4108-5afd-c10b-f38a-cdff6c17fab3_section-idm33192196168192-improved).
 
 ## Links
 
-[https://amnezia.org](https://amnezia.org) - project website  
-[https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit  
-[https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Telegram support channel (English)  
-[https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)  
+- [https://amnezia.org](https://amnezia.org) - project website  
+- [https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit  
+- [https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Telegram support channel (English) 
+- [https://t.me/amnezia_vpn_ir](https://t.me/amnezia_vpn_ir) - Telegram support channel (Farsi) 
+- [https://t.me/amnezia_vpn_mm](https://t.me/amnezia_vpn_mm) - Telegram support channel (Myanmar)  
+- [https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)
+- [https://vpnpay.io/en/amnezia-premium/](https://vpnpay.io/en/amnezia-premium/) - Amnezia Premium
 
 ## Tech
 
@@ -27,7 +51,7 @@ AmneziaVPN uses several open-source projects to work:
 
 - [OpenSSL](https://www.openssl.org/)
 - [OpenVPN](https://openvpn.net/)
-- [ShadowSocks](https://shadowsocks.org/)
+- [Shadowsocks](https://shadowsocks.org/)
 - [Qt](https://www.qt.io/)
 - [LibSsh](https://libssh.org) - forked from Qt Creator
 - and more...
@@ -44,6 +68,19 @@ git submodule update --init --recursive
 
 Want to contribute? Welcome!
 
+### Help with translations
+
+Download the most actual translation files.
+
+Go to ["Actions" tab](https://github.com/amnezia-vpn/amnezia-client/actions?query=is%3Asuccess+branch%3Adev), click on the first line.
+Then scroll down to the "Artifacts" section and download "AmneziaVPN_translations".
+
+Unzip this file.
+Each *.ts file contains strings for one corresponding language.
+
+Translate or correct some strings in one or multiple *.ts files and commit them back to this repository into the ``client/translations`` folder.
+You can do it via a web-interface or any other method you're familiar with.
+
 ### Building sources and deployment
 
 Check deploy folder for build scripts. 
@@ -52,7 +89,7 @@ Check deploy folder for build scripts.
 
 1. First, make sure you have [XCode](https://developer.apple.com/xcode/) installed, at least version 14 or higher.
 
-2. We use QT to generate the XCode project. We need QT version 6.6.1. Install QT for MacOS [here](https://doc.qt.io/qt-6/macos.html) or [QT Online Installer](https://www.qt.io/download-open-source). Required modules:
+2. We use QT to generate the XCode project. We need QT version 6.6.2. Install QT for MacOS [here](https://doc.qt.io/qt-6/macos.html) or [QT Online Installer](https://www.qt.io/download-open-source). Required modules:
    - MacOS
    - iOS
    - Qt 5 Compatibility Module
@@ -119,9 +156,11 @@ The Android app has the following requirements:
 * Android platform SDK 33
 * CMake 3.25.0
 
-After you have installed QT, QT Creator, and Android Studio, you need to configure QT Creator correctly. Click in the top menu bar on `QT Creator` -> `Preferences` -> `Devices` and select the tab `Android`. 
-    * set path to JDK 11
-    * set path to Android SDK ($ANDROID_HOME)
+After you have installed QT, QT Creator, and Android Studio, you need to configure QT Creator correctly.
+
+- Click in the top menu bar on `QT Creator` -> `Preferences` -> `Devices` and select the tab `Android`.
+- Set path to JDK 11
+- Set path to Android SDK (`$ANDROID_HOME`)
 
 In case you get errors regarding missing SDK or 'SDK manager not running', you cannot fix them by correcting the paths. If you have some spare GBs on your disk, you can let QT Creator install all requirements by choosing an empty folder for `Android SDK location` and clicking on `Set Up SDK`. Be aware: This will install a second Android SDK and NDK on your machine! 
 Double-check that the right CMake version is configured:  Click on `QT Creator` -> `Preferences` and click on the side menu on `Kits`. Under the center content view's `Kits` tab, you'll find an entry for `CMake Tool`. If the default selected CMake version is lower than 3.25.0, install on your system CMake >= 3.25.0 and choose `System CMake at <path>` from the drop-down list. If this entry is missing, you either have not installed CMake yet or QT Creator hasn't found the path to it. In that case, click in the preferences window on the side menu item `CMake`, then on the tab `Tools` in the center content view, and finally on the button `Add` to set the path to your installed CMake. 
@@ -142,10 +181,12 @@ GPL v3.0
 
 ## Donate
 
-Bitcoin: bc1qn9rhsffuxwnhcuuu4qzrwp4upkrq94xnh8r26u  
+Patreon: [https://www.patreon.com/amneziavpn](https://www.patreon.com/amneziavpn)
+
+Bitcoin: bc1q26eevjcg9j0wuyywd2e3uc9cs2w58lpkpjxq6p <br>
+USDT BEP20: 0x6abD576765a826f87D1D95183438f9408C901bE4 <br>
+USDT TRC20: TELAitazF1MZGmiNjTcnxDjEiH5oe7LC9d <br>
 XMR: 48spms39jt1L2L5vyw2RQW6CXD6odUd4jFu19GZcDyKKQV9U88wsJVjSbL4CfRys37jVMdoaWVPSvezCQPhHXUW5UKLqUp3  
-payeer.com: P2561305  
-ko-fi.com: [https://ko-fi.com/amnezia_vpn](https://ko-fi.com/amnezia_vpn)  
 
 ## Acknowledgments
 

client/3rd/QJsonStruct/.gitignore

@@ -0,0 +1,2 @@
+*.user
+build/

client/3rd/QJsonStruct/CMakeLists.txt

@@ -0,0 +1,19 @@
+cmake_minimum_required(VERSION 3.5)
+
+project(QJsonStruct LANGUAGES CXX)
+
+set(CMAKE_INCLUDE_CURRENT_DIR ON)
+set(CMAKE_AUTOMOC ON)
+set(CMAKE_AUTORCC ON)
+set(CMAKE_CXX_STANDARD 17)
+set(CMAKE_CXX_STANDARD_REQUIRED ON)
+
+option(BUILD_TESTING ON)
+
+include(QJsonStruct.cmake)
+find_package(Qt5 COMPONENTS Core REQUIRED)
+
+if(BUILD_TESTING)
+    include(CTest)
+    add_subdirectory(test)
+endif()

client/3rd/QJsonStruct/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Qv2ray Workgroup
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

client/3rd/QJsonStruct/QJsonIO.hpp

@@ -0,0 +1,190 @@
+#pragma once
+#include <QJsonArray>
+#include <QJsonObject>
+#include <QJsonValue>
+#include <QList>
+#include <tuple>
+
+enum class QJsonIOPathType
+{
+    JSONIO_MODE_ARRAY,
+    JSONIO_MODE_OBJECT
+};
+
+typedef QPair<QString, QJsonIOPathType> QJsonIONodeType;
+
+struct QJsonIOPath : QList<QJsonIONodeType>
+{
+    template<typename type1, typename type2, typename... types>
+    QJsonIOPath(const type1 t1, const type2 t2, const types... ts)
+    {
+        AppendPath(t1);
+        AppendPath(t2);
+        (AppendPath(ts), ...);
+    }
+
+    void AppendPath(size_t index)
+    {
+        append({ QString::number(index), QJsonIOPathType::JSONIO_MODE_ARRAY });
+    }
+
+    void AppendPath(const QString &key)
+    {
+        append({ key, QJsonIOPathType::JSONIO_MODE_OBJECT });
+    }
+
+    template<typename t>
+    QJsonIOPath &operator<<(const t &str)
+    {
+        AppendPath(str);
+        return *this;
+    }
+
+    template<typename t>
+    QJsonIOPath &operator+=(const t &val)
+    {
+        AppendPath(val);
+        return *this;
+    }
+
+    QJsonIOPath &operator<<(const QJsonIOPath &other)
+    {
+        for (const auto &x : other)
+            this->append(x);
+        return *this;
+    }
+
+    template<typename t>
+    QJsonIOPath &operator<<(const t &val) const
+    {
+        auto _new = *this;
+        return _new << val;
+    }
+
+    template<typename t>
+    QJsonIOPath operator+(const t &val) const
+    {
+        auto _new = *this;
+        return _new << val;
+    }
+
+    QJsonIOPath operator+(const QJsonIOPath &other) const
+    {
+        auto _new = *this;
+        for (const auto &x : other)
+            _new.append(x);
+        return _new;
+    }
+};
+
+class QJsonIO
+{
+  public:
+    const static inline QJsonValue Null = QJsonValue::Null;
+    const static inline QJsonValue Undefined = QJsonValue::Undefined;
+
+    template<typename current_key_type, typename... t_other_types>
+    static QJsonValue GetValue(const QJsonValue &parent, const current_key_type &current, const t_other_types &...other)
+    {
+        if constexpr (sizeof...(t_other_types) == 0)
+            if constexpr (std::is_integral_v<current_key_type>)
+                return parent.toArray()[current];
+            else
+                return parent.toObject()[current];
+        else if constexpr (std::is_integral_v<current_key_type>)
+            return GetValue(parent.toArray()[current], other...);
+        else
+            return GetValue(parent.toObject()[current], other...);
+    }
+
+    template<typename... key_types_t>
+    static QJsonValue GetValue(QJsonValue value, const std::tuple<key_types_t...> &keys, const QJsonValue &defaultValue = Undefined)
+    {
+        std::apply([&](auto &&...args) { ((value = value[args]), ...); }, keys);
+        return value.isUndefined() ? defaultValue : value;
+    }
+
+    template<typename parent_type, typename t_value_type, typename current_key_type, typename... t_other_key_types>
+    static void SetValue(parent_type &parent, const t_value_type &val, const current_key_type &current, const t_other_key_types &...other)
+    {
+        // If current parent is an array, increase its size to fit the "key"
+        if constexpr (std::is_integral_v<current_key_type>)
+            for (auto i = parent.size(); i <= current; i++)
+                parent.insert(i, {});
+
+        // If the t_other_key_types has nothing....
+        // Means we have reached the end of recursion.
+        if constexpr (sizeof...(t_other_key_types) == 0)
+            parent[current] = val;
+        else if constexpr (std::is_integral_v<typename std::tuple_element_t<0, std::tuple<t_other_key_types...>>>)
+        {
+            // Means we still have many keys
+            // So this element is an array.
+            auto _array = parent[current].toArray();
+            SetValue(_array, val, other...);
+            parent[current] = _array;
+        }
+        else
+        {
+            auto _object = parent[current].toObject();
+            SetValue(_object, val, other...);
+            parent[current] = _object;
+        }
+    }
+
+    static QJsonValue GetValue(const QJsonValue &parent, const QJsonIOPath &path, const QJsonValue &defaultValue = QJsonIO::Undefined)
+    {
+        QJsonValue val = parent;
+        for (const auto &[k, t] : path)
+        {
+            if (t == QJsonIOPathType::JSONIO_MODE_ARRAY)
+                val = val.toArray()[k.toInt()];
+            else
+                val = val.toObject()[k];
+        }
+        return val.isUndefined() ? defaultValue : val;
+    }
+
+    template<typename parent_type, typename value_type>
+    static void SetValue(parent_type &parent, const value_type &t, const QJsonIOPath &path)
+    {
+        QList<std::tuple<QString, QJsonIOPathType, QJsonValue>> _stack;
+        QJsonValue lastNode = parent;
+        for (const auto &[key, type] : path)
+        {
+            _stack.prepend({ key, type, lastNode });
+            if (type == QJsonIOPathType::JSONIO_MODE_ARRAY)
+                lastNode = lastNode.toArray().at(key.toInt());
+            else
+                lastNode = lastNode.toObject()[key];
+        }
+
+        lastNode = t;
+
+        for (const auto &[key, type, node] : _stack)
+        {
+            if (type == QJsonIOPathType::JSONIO_MODE_ARRAY)
+            {
+                const auto index = key.toInt();
+                auto nodeArray = node.toArray();
+                for (auto i = nodeArray.size(); i <= index; i++)
+                    nodeArray.insert(i, {});
+                nodeArray[index] = lastNode;
+                lastNode = nodeArray;
+            }
+            else
+            {
+                auto nodeObject = node.toObject();
+                nodeObject[key] = lastNode;
+                lastNode = nodeObject;
+            }
+        }
+
+        if constexpr (std::is_same_v<parent_type, QJsonObject>)
+            parent = lastNode.toObject();
+        else if constexpr (std::is_same_v<parent_type, QJsonArray>)
+            parent = lastNode.toArray();
+        else
+            Q_UNREACHABLE();
+    }
+};

client/3rd/QJsonStruct/QJsonStruct.cmake

@@ -0,0 +1,5 @@
+include_directories(${CMAKE_CURRENT_LIST_DIR})
+
+set(QJSONSTRUCT_SOURCES
+    ${CMAKE_CURRENT_LIST_DIR}/QJsonStruct.hpp
+    ${CMAKE_CURRENT_LIST_DIR}/QJsonIO.hpp)

client/3rd/QJsonStruct/QJsonStruct.hpp

@@ -0,0 +1,215 @@
+#pragma once
+#include "macroexpansion.hpp"
+
+#ifndef _X
+    #include <QJsonArray>
+    #include <QJsonObject>
+    #include <QList>
+    #include <QVariant>
+#endif
+
+/// macro to define an operator==
+#define ___JSONSTRUCT_DEFAULT_COMPARE_IMPL(x) (this->x == ___another___instance__.x) &&
+#define JSONSTRUCT_COMPARE(CLASS, ...)                                                                                                               \
+    bool operator==(const CLASS &___another___instance__) const                                                                                      \
+    {                                                                                                                                                \
+        return FOR_EACH(___JSONSTRUCT_DEFAULT_COMPARE_IMPL, __VA_ARGS__) true;                                                                       \
+    }
+
+// ============================================================================================
+// Load JSON IMPL
+#define ___DESERIALIZE_FROM_JSON_CONVERT_B_FUNC_IMPL(name) name::loadJson(___json_object_);
+#define ___DESERIALIZE_FROM_JSON_CONVERT_A_FUNC(name) ___DESERIALIZE_FROM_JSON_CONVERT_F_FUNC(name)
+#define ___DESERIALIZE_FROM_JSON_CONVERT_B_FUNC(...) FOREACH_CALL_FUNC_3(___DESERIALIZE_FROM_JSON_CONVERT_B_FUNC_IMPL, __VA_ARGS__)
+#define ___DESERIALIZE_FROM_JSON_CONVERT_F_FUNC(name)                                                                                                \
+    if (___json_object_.toObject().contains(#name))                                                                                                  \
+    {                                                                                                                                                \
+        JsonStructHelper::Deserialize(this->name, ___json_object_.toObject()[#name]);                                                                \
+    }                                                                                                                                                \
+    else                                                                                                                                             \
+    {                                                                                                                                                \
+        this->name = ___qjsonstruct_default_check.name;                                                                                              \
+    }
+
+// ============================================================================================
+// To JSON IMPL
+#define ___SERIALIZE_TO_JSON_CONVERT_F_FUNC(name)                                                                                                    \
+    if (!(___qjsonstruct_default_check.name == this->name))                                                                                          \
+    {                                                                                                                                                \
+        ___json_object_.insert(#name, JsonStructHelper::Serialize(name));                                                                            \
+    }
+#define ___SERIALIZE_TO_JSON_CONVERT_A_FUNC(name) ___json_object_.insert(#name, JsonStructHelper::Serialize(name));
+#define ___SERIALIZE_TO_JSON_CONVERT_B_FUNC_IMPL(name) JsonStructHelper::MergeJson(___json_object_, name::toJson());
+#define ___SERIALIZE_TO_JSON_CONVERT_B_FUNC(...) FOREACH_CALL_FUNC_3(___SERIALIZE_TO_JSON_CONVERT_B_FUNC_IMPL, __VA_ARGS__)
+
+// ============================================================================================
+// Load JSON Wrapper
+#define ___DESERIALIZE_FROM_JSON_CONVERT_FUNC_DECL_A(...) FOREACH_CALL_FUNC_2(___DESERIALIZE_FROM_JSON_CONVERT_A_FUNC, __VA_ARGS__)
+#define ___DESERIALIZE_FROM_JSON_CONVERT_FUNC_DECL_F(...) FOREACH_CALL_FUNC_2(___DESERIALIZE_FROM_JSON_CONVERT_F_FUNC, __VA_ARGS__)
+#define ___DESERIALIZE_FROM_JSON_CONVERT_FUNC_DECL_B(...) FOREACH_CALL_FUNC_2(___DESERIALIZE_FROM_JSON_CONVERT_B_FUNC, __VA_ARGS__)
+#define ___DESERIALIZE_FROM_JSON_EXTRACT_B_F(name_option) ___DESERIALIZE_FROM_JSON_CONVERT_FUNC_DECL_##name_option
+
+// ============================================================================================
+// To JSON Wrapper
+#define ___SERIALIZE_TO_JSON_CONVERT_FUNC_DECL_A(...) FOREACH_CALL_FUNC_2(___SERIALIZE_TO_JSON_CONVERT_A_FUNC, __VA_ARGS__)
+#define ___SERIALIZE_TO_JSON_CONVERT_FUNC_DECL_F(...) FOREACH_CALL_FUNC_2(___SERIALIZE_TO_JSON_CONVERT_F_FUNC, __VA_ARGS__)
+#define ___SERIALIZE_TO_JSON_CONVERT_FUNC_DECL_B(...) FOREACH_CALL_FUNC_2(___SERIALIZE_TO_JSON_CONVERT_B_FUNC, __VA_ARGS__)
+#define ___SERIALIZE_TO_JSON_EXTRACT_B_F(name_option) ___SERIALIZE_TO_JSON_CONVERT_FUNC_DECL_##name_option
+
+// ============================================================================================
+#define JSONSTRUCT_REGISTER_NOCOPYMOVE(___class_type_, ...)                                                                                          \
+    void loadJson(const QJsonValue &___json_object_)                                                                                                 \
+    {                                                                                                                                                \
+        ___class_type_ ___qjsonstruct_default_check;                                                                                                 \
+        FOREACH_CALL_FUNC(___DESERIALIZE_FROM_JSON_EXTRACT_B_F, __VA_ARGS__);                                                                        \
+    }                                                                                                                                                \
+    [[nodiscard]] const QJsonObject toJson() const                                                                                                   \
+    {                                                                                                                                                \
+        ___class_type_ ___qjsonstruct_default_check;                                                                                                 \
+        QJsonObject ___json_object_;                                                                                                                 \
+        FOREACH_CALL_FUNC(___SERIALIZE_TO_JSON_EXTRACT_B_F, __VA_ARGS__);                                                                            \
+        return ___json_object_;                                                                                                                      \
+    }
+
+#define JSONSTRUCT_REGISTER(___class_type_, ...)                                                                                                     \
+    JSONSTRUCT_REGISTER_NOCOPYMOVE(___class_type_, __VA_ARGS__);                                                                                     \
+    [[nodiscard]] static auto fromJson(const QJsonValue &___json_object_)                                                                            \
+    {                                                                                                                                                \
+        ___class_type_ _t;                                                                                                                           \
+        _t.loadJson(___json_object_);                                                                                                                \
+        return _t;                                                                                                                                   \
+    }
+
+#define ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(type, convert_func)                                                                                \
+    static void Deserialize(type &t, const QJsonValue &d)                                                                                            \
+    {                                                                                                                                                \
+        t = d.convert_func;                                                                                                                          \
+    }
+
+class JsonStructHelper
+{
+  public:
+    static void MergeJson(QJsonObject &mergeTo, const QJsonObject &mergeIn)
+    {
+        for (const auto &key : mergeIn.keys())
+            mergeTo[key] = mergeIn.value(key);
+    }
+    //
+    template<typename T>
+    static void Deserialize(T &t, const QJsonValue &d)
+    {
+        if constexpr (std::is_enum_v<T>)
+            t = (T) d.toInt();
+        else if constexpr (std::is_same_v<T, QJsonObject>)
+            t = d.toObject();
+        else if constexpr (std::is_same_v<T, QJsonArray>)
+            t = d.toArray();
+        else
+            t.loadJson(d);
+    }
+
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(QString, toString());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(QChar, toVariant().toChar());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(std::string, toString().toStdString());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(std::wstring, toString().toStdWString());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(bool, toBool());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(double, toDouble());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(float, toVariant().toFloat());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(int, toInt());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(long, toVariant().toLongLong());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(long long, toVariant().toLongLong());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(unsigned int, toVariant().toUInt());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(unsigned long, toVariant().toULongLong());
+    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(unsigned long long, toVariant().toULongLong());
+
+    template<typename T>
+    static void Deserialize(QList<T> &t, const QJsonValue &d)
+    {
+        t.clear();
+        for (const auto &val : d.toArray())
+        {
+            T data;
+            Deserialize(data, val);
+            t.push_back(data);
+        }
+    }
+
+    template<typename TKey, typename TValue>
+    static void Deserialize(QMap<TKey, TValue> &t, const QJsonValue &d)
+    {
+        t.clear();
+        const auto &jsonObject = d.toObject();
+        TKey keyVal;
+        TValue valueVal;
+        for (const auto &key : jsonObject.keys())
+        {
+            Deserialize(keyVal, key);
+            Deserialize(valueVal, jsonObject.value(key));
+            t.insert(keyVal, valueVal);
+        }
+    }
+
+    // =========================== Store Json Data ===========================
+
+    template<typename T>
+    static QJsonValue Serialize(const T &t)
+    {
+        if constexpr (std::is_enum_v<T>)
+            return (int) t;
+        else if constexpr (std::is_same_v<T, QJsonObject> || std::is_same_v<T, QJsonArray>)
+            return t;
+        else
+            return t.toJson();
+    }
+
+#define pure_func(x) (x)
+#define ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(type)                                                                                             \
+    static QJsonValue Serialize(const type &t)                                                                                                       \
+    {                                                                                                                                                \
+        return QJsonValue(t);                                                                                                                        \
+    }
+    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(int);
+    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(bool);
+    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(QJsonArray);
+    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(QJsonObject);
+    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(QString);
+    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(long long);
+    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(float);
+    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(double);
+
+#define ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(type, func)                                                                                      \
+    static QJsonValue Serialize(const type &t)                                                                                                       \
+    {                                                                                                                                                \
+        return QJsonValue::fromVariant(func);                                                                                                        \
+    }
+
+    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(std::string, QString::fromStdString(t))
+    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(std::wstring, QString::fromStdWString(t))
+    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(long, QVariant::fromValue<long>(t))
+    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(unsigned int, QVariant::fromValue<unsigned int>(t))
+    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(unsigned long, QVariant::fromValue<unsigned long>(t))
+    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(unsigned long long, QVariant::fromValue<unsigned long long>(t))
+
+    template<typename TValue>
+    static QJsonValue Serialize(const QMap<QString, TValue> &t)
+    {
+        QJsonObject mapObject;
+        for (const auto &key : t.keys())
+        {
+            auto valueVal = Serialize(t.value(key));
+            mapObject.insert(key, valueVal);
+        }
+        return mapObject;
+    }
+
+    template<typename T>
+    static QJsonValue Serialize(const QList<T> &t)
+    {
+        QJsonArray listObject;
+        for (const auto &item : t)
+        {
+            listObject.push_back(Serialize(item));
+        }
+        return listObject;
+    }
+};

client/3rd/QJsonStruct/macroexpansion.hpp

@@ -0,0 +1,74 @@
+#pragma once
+
+#define CONCATENATE1(arg1, arg2) CONCATENATE2(arg1, arg2)
+#define CONCATENATE2(arg1, arg2) arg1##arg2
+#define CONCATENATE(x, y) x##y
+
+#define EXPAND(...) __VA_ARGS__
+#define FOR_EACH_1(what, x, ...) what(x)
+#define FOR_EACH_2(what, x, ...) what(x) EXPAND(FOR_EACH_1(what, __VA_ARGS__))
+#define FOR_EACH_3(what, x, ...) what(x) EXPAND(FOR_EACH_2(what, __VA_ARGS__))
+#define FOR_EACH_4(what, x, ...) what(x) EXPAND(FOR_EACH_3(what, __VA_ARGS__))
+#define FOR_EACH_5(what, x, ...) what(x) EXPAND(FOR_EACH_4(what, __VA_ARGS__))
+#define FOR_EACH_6(what, x, ...) what(x) EXPAND(FOR_EACH_5(what, __VA_ARGS__))
+#define FOR_EACH_7(what, x, ...) what(x) EXPAND(FOR_EACH_6(what, __VA_ARGS__))
+#define FOR_EACH_8(what, x, ...) what(x) EXPAND(FOR_EACH_7(what, __VA_ARGS__))
+#define FOR_EACH_9(what, x, ...) what(x) EXPAND(FOR_EACH_8(what, __VA_ARGS__))
+#define FOR_EACH_10(what, x, ...) what(x) EXPAND(FOR_EACH_9(what, __VA_ARGS__))
+#define FOR_EACH_11(what, x, ...) what(x) EXPAND(FOR_EACH_10(what, __VA_ARGS__))
+#define FOR_EACH_12(what, x, ...) what(x) EXPAND(FOR_EACH_11(what, __VA_ARGS__))
+#define FOR_EACH_13(what, x, ...) what(x) EXPAND(FOR_EACH_12(what, __VA_ARGS__))
+#define FOR_EACH_14(what, x, ...) what(x) EXPAND(FOR_EACH_13(what, __VA_ARGS__))
+#define FOR_EACH_15(what, x, ...) what(x) EXPAND(FOR_EACH_14(what, __VA_ARGS__))
+#define FOR_EACH_16(what, x, ...) what(x) EXPAND(FOR_EACH_15(what, __VA_ARGS__))
+
+#define FOR_EACH_NARG(...) FOR_EACH_NARG_(__VA_ARGS__, FOR_EACH_RSEQ_N())
+#define FOR_EACH_NARG_(...) EXPAND(FOR_EACH_ARG_N(__VA_ARGS__))
+#define FOR_EACH_ARG_N(_1, _2, _3, _4, _5, _6, _7, _8, _9, _10, _11, _12, _13, _14, _15, _16, N, ...) N
+#define FOR_EACH_RSEQ_N() 16, 15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0
+
+#define FOR_EACH_(N, what, ...) EXPAND(CONCATENATE(FOR_EACH_, N)(what, __VA_ARGS__))
+#define FOR_EACH(what, ...) FOR_EACH_(FOR_EACH_NARG(__VA_ARGS__), what, __VA_ARGS__)
+#define FOREACH_CALL_FUNC(func, ...) FOR_EACH(func, __VA_ARGS__)
+
+// Bad hack ==========================================================================================================================
+#define _2X_FOR_EACH_1(what, x, ...) what(x)
+#define _2X_FOR_EACH_2(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_1(what, __VA_ARGS__))
+#define _2X_FOR_EACH_3(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_2(what, __VA_ARGS__))
+#define _2X_FOR_EACH_4(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_3(what, __VA_ARGS__))
+#define _2X_FOR_EACH_5(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_4(what, __VA_ARGS__))
+#define _2X_FOR_EACH_6(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_5(what, __VA_ARGS__))
+#define _2X_FOR_EACH_7(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_6(what, __VA_ARGS__))
+#define _2X_FOR_EACH_8(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_7(what, __VA_ARGS__))
+#define _2X_FOR_EACH_9(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_8(what, __VA_ARGS__))
+#define _2X_FOR_EACH_10(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_9(what, __VA_ARGS__))
+#define _2X_FOR_EACH_11(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_10(what, __VA_ARGS__))
+#define _2X_FOR_EACH_12(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_11(what, __VA_ARGS__))
+#define _2X_FOR_EACH_13(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_12(what, __VA_ARGS__))
+#define _2X_FOR_EACH_14(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_13(what, __VA_ARGS__))
+#define _2X_FOR_EACH_15(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_14(what, __VA_ARGS__))
+#define _2X_FOR_EACH_16(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_15(what, __VA_ARGS__))
+#define _2X_FOR_EACH_(N, what, ...) EXPAND(CONCATENATE(_2X_FOR_EACH_, N)(what, __VA_ARGS__))
+#define _2X_FOR_EACH(what, ...) _2X_FOR_EACH_(FOR_EACH_NARG(__VA_ARGS__), what, __VA_ARGS__)
+#define FOREACH_CALL_FUNC_2(func, ...) _2X_FOR_EACH(func, __VA_ARGS__)
+
+// Bad hack ==========================================================================================================================
+#define _3X_FOR_EACH_1(what, x, ...) what(x)
+#define _3X_FOR_EACH_2(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_1(what, __VA_ARGS__))
+#define _3X_FOR_EACH_3(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_2(what, __VA_ARGS__))
+#define _3X_FOR_EACH_4(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_3(what, __VA_ARGS__))
+#define _3X_FOR_EACH_5(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_4(what, __VA_ARGS__))
+#define _3X_FOR_EACH_6(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_5(what, __VA_ARGS__))
+#define _3X_FOR_EACH_7(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_6(what, __VA_ARGS__))
+#define _3X_FOR_EACH_8(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_7(what, __VA_ARGS__))
+#define _3X_FOR_EACH_9(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_8(what, __VA_ARGS__))
+#define _3X_FOR_EACH_10(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_9(what, __VA_ARGS__))
+#define _3X_FOR_EACH_11(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_10(what, __VA_ARGS__))
+#define _3X_FOR_EACH_12(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_11(what, __VA_ARGS__))
+#define _3X_FOR_EACH_13(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_12(what, __VA_ARGS__))
+#define _3X_FOR_EACH_14(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_13(what, __VA_ARGS__))
+#define _3X_FOR_EACH_15(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_14(what, __VA_ARGS__))
+#define _3X_FOR_EACH_16(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_15(what, __VA_ARGS__))
+#define _3X_FOR_EACH_(N, what, ...) EXPAND(CONCATENATE(_3X_FOR_EACH_, N)(what, __VA_ARGS__))
+#define _3X_FOR_EACH(what, ...) _3X_FOR_EACH_(FOR_EACH_NARG(__VA_ARGS__), what, __VA_ARGS__)
+#define FOREACH_CALL_FUNC_3(func, ...) _3X_FOR_EACH(func, __VA_ARGS__)

client/3rd/QJsonStruct/test/CMakeLists.txt

@@ -0,0 +1,16 @@
+function(QJSONSTRUCT_ADD_TEST TEST_NAME TEST_SOURCE)
+    add_executable(${TEST_NAME} ${TEST_SOURCE} catch.hpp ${QJSONSTRUCT_SOURCES})
+    target_include_directories(${TEST_NAME}
+        PRIVATE
+        $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}>
+        )
+    target_link_libraries(
+        ${TEST_NAME}
+        PRIVATE
+        Qt::Core
+        )
+    add_test(NAME QJSONSTRUCT_TEST_${TEST_NAME} COMMAND $<TARGET_FILE:${TEST_NAME}> -s)
+endfunction()
+
+QJSONSTRUCT_ADD_TEST(serialization serialize/main.cpp)
+#QJSONSTRUCT_ADD_TEST(serialize_strings serialize/strings.cpp)

client/3rd/QJsonStruct/test/TestIO.hpp

@@ -0,0 +1,45 @@
+#pragma once
+#include "QJsonStruct.hpp"
+#ifndef _X
+    #include <QList>
+    #include <QString>
+    #include <QStringList>
+#endif
+
+struct BaseStruct
+{
+    QString baseStr;
+    int o;
+    JSONSTRUCT_REGISTER(BaseStruct, F(baseStr, o))
+};
+
+struct BaseStruct2
+{
+    QString baseStr2;
+    int o2;
+    JSONSTRUCT_REGISTER(BaseStruct, F(baseStr2, o2))
+};
+struct TestInnerStruct
+    : BaseStruct
+    , BaseStruct2
+{
+    QJsonObject jobj;
+    QJsonArray jarray;
+    QString str;
+    JSONSTRUCT_REGISTER(TestInnerStruct, B(BaseStruct, BaseStruct2), F(str, jobj, jarray))
+};
+
+struct JsonIOTest
+{
+    QString str;
+    QList<int> listOfNumber;
+    QList<bool> listOfBool;
+    QList<QString> listOfString;
+    QList<QList<QString>> listOfListOfString;
+
+    QMap<QString, QString> map;
+    TestInnerStruct inner;
+
+    JSONSTRUCT_REGISTER(JsonIOTest, F(str, listOfNumber, listOfBool, listOfString, listOfListOfString, map, inner));
+    JsonIOTest(){};
+};

client/3rd/QJsonStruct/test/TestOut.hpp

@@ -0,0 +1,19 @@
+#pragma once
+#include "QJsonStruct.hpp"
+
+struct SubData
+{
+    QString subString;
+    JSONSTRUCT_REGISTER_TOJSON(subString)
+};
+
+struct ToJsonOnlyData
+{
+    QString x;
+    int y;
+    int z;
+    QList<int> ints;
+    SubData sub;
+    QMap<QString, SubData> subs;
+    JSONSTRUCT_REGISTER_TOJSON(x, y, z, sub, ints, subs)
+};

client/3rd/QJsonStruct/test/main.cpp

@@ -0,0 +1,70 @@
+#include "QJsonIO.hpp"
+#include "QJsonStruct.hpp"
+#include "TestIO.hpp"
+#include "TestOut.hpp"
+
+#include <QCoreApplication>
+#include <QJsonDocument>
+#include <iostream>
+
+int main(int argc, char *argv[])
+{
+    Q_UNUSED(argc)
+    Q_UNUSED(argv)
+
+    {
+        ToJsonOnlyData data;
+        data.x = "1string";
+        data.y = 2;
+        data.ints << 0;
+        data.ints << 100;
+        data.ints << 900;
+        data.sub.subString = "subs";
+        data.subs["subs-1"] = { "subs1-data" };
+        data.subs["subs-2"] = { "subs2-data" };
+        data.subs["subs-3"] = { "subs3-data" };
+        data.z = 3;
+        auto x = data.toJson();
+        std::cout << QJsonDocument(x).toJson().toStdString() << std::endl;
+    }
+    //
+    {
+        auto f = JsonIOTest::fromJson( //
+            QJsonObject{
+                { "inner", QJsonObject{ { "str", "innerString" },                                 //
+                                        { "jobj", QJsonObject{ { "key", "value" } } },            //
+                                        { "jarray", QJsonArray{ "array0", "array1", "array2" } }, //
+                                        { "baseStr", "baseInnerString" } } },                     //
+                { "str", "data1" },                                                               //
+                { "map", QJsonObject{ { "mapStr", "mapData" } } },                                //
+                { "listOfString", QJsonArray{ "1", "2", "3", "4", "5" } },                        //
+                { "listOfNumber", QJsonArray{ 1, 2, 3, 4, 5 } },                                  //
+                { "listOfBool", QJsonArray{ true, false, false, true, true } },                   //
+                { "listOfListOfString", QJsonArray{ QJsonArray{ "1" },                            //
+                                                    QJsonArray{ "1", "2" },                       //
+                                                    QJsonArray{ "1", "2", "3" },                  //
+                                                    QJsonArray{ "1", "2", "3", "4" },             //
+                                                    QJsonArray{ "1", "2", "3", "4", "5" } } },    //
+            });
+        auto x = f.toJson();
+        std::cout << QJsonDocument(x).toJson().toStdString() << std::endl;
+    }
+    {
+        QJsonObject obj{
+            { "inner", QJsonObject{ { "str", "innerString" }, { "baseStr", "baseInnerString" } } }, //
+            { "str", "data1" },                                                                     //
+            { "map", QJsonObject{ { "mapStr", "mapData" } } },                                      //
+            { "listOfString", QJsonArray{ "1", "2", "3", "4", "5" } },                              //
+            { "listOfNumber", QJsonArray{ 1, 2, 3, 4, 5 } },                                        //
+            { "listOfBool", QJsonArray{ true, false, false, true, true } },                         //
+            { "listOfListOfString", QJsonArray{ QJsonArray{ "1" },                                  //
+                                                QJsonArray{ "1", "2" },                             //
+                                                QJsonArray{ "1", "2", "3" },                        //
+                                                QJsonArray{ "1", "2", "3", "4" },                   //
+                                                QJsonArray{ "1", "2", "3", "4", "5" } } },          //
+        };
+        auto y = QJsonIO::GetValue(obj, std::tuple{ "listOfListOfString", 2 });
+        y.toObject();
+    }
+    return 0;
+}

client/3rd/QJsonStruct/test/serialize/main.cpp

@@ -0,0 +1,181 @@
+#include "QJsonStruct.hpp"
+#define CATCH_CONFIG_MAIN
+#include "catch.hpp"
+
+const static inline auto INT_TEST_MAX = std::numeric_limits<int>::max() - 1;
+const static inline auto INT_TEST_MIN = -(std::numeric_limits<int>::min() + 1);
+
+#define SINGLE_ELEMENT_CLASS_DECL(CLASS, TYPE, field, defaultvalue, existance)                                                                       \
+    class CLASS                                                                                                                                      \
+    {                                                                                                                                                \
+      public:                                                                                                                                        \
+        TYPE field = defaultvalue;                                                                                                                   \
+        JSONSTRUCT_REGISTER(CLASS, existance(field));                                                                                                \
+    };
+
+// SINGLE_ELEMENT_REQUIRE( CLASS_NAME , TYPE , FIELD , DEFAULT_VALUE , SET VALUE , CHECK VALUE )
+#define SINGLE_ELEMENT_REQUIRE(CLASS, TYPE, field, defaultvalue, value, checkvalue, existance)                                                       \
+    SINGLE_ELEMENT_CLASS_DECL(CLASS, TYPE, field, defaultvalue, existance);                                                                          \
+    CLASS CLASS##_class;                                                                                                                             \
+    CLASS##_class.field = value;                                                                                                                     \
+    REQUIRE(CLASS##_class.toJson()[#field] == checkvalue);
+
+using namespace std;
+SCENARIO("Test Serialization", "[Serialize]")
+{
+    GIVEN("Single Element")
+    {
+        const static QList<QString> defaultList{ "entry 1", "entry 2" };
+        const static QMap<QString, QString> defaultMap{ { "key1", "value1" }, { "key2", "value2" } };
+        typedef QMap<QString, QString> QStringQStringMap;
+
+        WHEN("Serialize a single element")
+        {
+            const static QStringQStringMap setValueMap{ { "newkey1", "newvalue1" } };
+            const static QJsonObject setValueJson{ { "newkey1", QJsonValue{ "newvalue1" } } };
+
+            SINGLE_ELEMENT_REQUIRE(QStringTest_Empty, QString, a, "empty", "", "", F);
+            SINGLE_ELEMENT_REQUIRE(QStringTest, QString, a, "empty", "Some QString", "Some QString", F);
+            SINGLE_ELEMENT_REQUIRE(QStringTest_WithQoutes, QString, a, "empty", "\"", "\"", F);
+            SINGLE_ELEMENT_REQUIRE(QStringTest_zint, int, a, -10, 0, 0, F);
+            SINGLE_ELEMENT_REQUIRE(QStringTest_nint, int, a, -10, 1, 1, F);
+            SINGLE_ELEMENT_REQUIRE(QStringTest_pint, int, a, -10, -1, -1, F);
+            SINGLE_ELEMENT_REQUIRE(QStringTest_pmint, int, a, -1, INT_TEST_MAX, INT_TEST_MAX, F);
+            SINGLE_ELEMENT_REQUIRE(QStringTest_zmint, int, a, -1, INT_TEST_MIN, INT_TEST_MIN, F);
+            SINGLE_ELEMENT_REQUIRE(QStringTest_zuint, uint, a, -10, 0, 0, F);
+            SINGLE_ELEMENT_REQUIRE(QStringTest_puint, uint, a, -10, 1, 1, F);
+            SINGLE_ELEMENT_REQUIRE(BoolTest_True, bool, a, false, true, true, F);
+            SINGLE_ELEMENT_REQUIRE(BoolTest_False, bool, a, true, false, false, F);
+            SINGLE_ELEMENT_REQUIRE(StdStringTest, string, a, "def", "std::string _test", "std::string _test", F);
+            SINGLE_ELEMENT_REQUIRE(QListTest, QList<QString>, a, defaultList, { "newEntry" }, QJsonArray{ "newEntry" }, F);
+            SINGLE_ELEMENT_REQUIRE(QMapTest, QStringQStringMap, a, defaultMap, {}, QJsonObject{}, F);
+            SINGLE_ELEMENT_REQUIRE(QMapValueTest, QStringQStringMap, a, defaultMap, setValueMap, setValueJson, F);
+        }
+
+        WHEN("Serialize a default value")
+        {
+            SINGLE_ELEMENT_REQUIRE(DefaultQString, QString, a, "defaultvalue", "defaultvalue", QJsonValue::Undefined, F);
+            SINGLE_ELEMENT_REQUIRE(DefaultInteger, int, a, 12345, 12345, QJsonValue::Undefined, F);
+            SINGLE_ELEMENT_REQUIRE(DefaultList, QList<QString>, a, defaultList, defaultList, QJsonValue::Undefined, F);
+            SINGLE_ELEMENT_REQUIRE(DefaultMap, QStringQStringMap, a, defaultMap, defaultMap, QJsonValue::Undefined, F);
+        }
+
+        WHEN("Serialize a force existance default value")
+        {
+            const static QJsonArray defaultListJson{ "entry 1", "entry 2" };
+            const static QJsonObject defaultMapJson{ { "key1", "value1" }, { "key2", "value2" } };
+            SINGLE_ELEMENT_REQUIRE(DefaultQString, QString, a, "defaultvalue", "defaultvalue", "defaultvalue", A);
+            SINGLE_ELEMENT_REQUIRE(DefaultInteger, int, a, 12345, 12345, 12345, A);
+            SINGLE_ELEMENT_REQUIRE(DefaultList, QList<QString>, a, defaultList, defaultList, defaultListJson, A);
+            SINGLE_ELEMENT_REQUIRE(DefaultMap, QStringQStringMap, a, defaultMap, defaultMap, defaultMapJson, A);
+        }
+    }
+
+    GIVEN("Multiple Simple Elements")
+    {
+        WHEN("Can Omit Default Value")
+        {
+            class MultipleNonDefaultElementTestClass
+            {
+              public:
+                QString astring;
+                int integer = 0;
+                double adouble = 0.0;
+                QList<QString> myList;
+                JSONSTRUCT_REGISTER(MultipleNonDefaultElementTestClass, F(astring, integer, adouble, myList))
+            };
+            MultipleNonDefaultElementTestClass instance;
+            const auto json = instance.toJson();
+            REQUIRE(json["astring"] == QJsonValue::Undefined);
+            REQUIRE(json["integer"] == QJsonValue::Undefined);
+            REQUIRE(json["adouble"] == QJsonValue::Undefined);
+            REQUIRE(json["myList"] == QJsonValue::Undefined);
+        }
+
+        WHEN("Forcing Existance")
+        {
+            class MultipleNonDefaultExistanceElementTestClass
+            {
+              public:
+                QString astring;
+                int integer = 0;
+                double adouble = 0.0;
+                QList<QString> myList;
+                JSONSTRUCT_REGISTER(MultipleNonDefaultExistanceElementTestClass, A(astring, integer, adouble, myList))
+            };
+            MultipleNonDefaultExistanceElementTestClass instance;
+            const auto json = instance.toJson();
+            REQUIRE(json["astring"] == "");
+            REQUIRE(json["integer"] == 0);
+            REQUIRE(json["adouble"] == 0.0);
+            REQUIRE(json["myList"] == QJsonArray{});
+        }
+    }
+
+    GIVEN("Nested Elements")
+    {
+        WHEN("Can Omit Default Value")
+        {
+            class Parent
+            {
+                class NestedChild
+                {
+                    class NestedChild2
+                    {
+                      public:
+                        int childChildInt = 13579;
+                        JSONSTRUCT_COMPARE(NestedChild2, childChildInt)
+                        JSONSTRUCT_REGISTER(NestedChild2, F(childChildInt))
+                    };
+
+                  public:
+                    int childInt = 54321;
+                    QString childQString = "A QString";
+                    NestedChild2 anotherChild;
+                    JSONSTRUCT_COMPARE(NestedChild, childInt, childQString, anotherChild)
+                    JSONSTRUCT_REGISTER(NestedChild, F(childInt, childQString, anotherChild))
+                };
+
+              public:
+                int parentInt = 12345;
+                NestedChild child;
+                JSONSTRUCT_REGISTER(Parent, F(parentInt, child))
+            };
+
+            WHEN("Omitted whole child element")
+            {
+                Parent parent;
+                const auto json = parent.toJson();
+                REQUIRE(json["parentInt"] == QJsonValue::Undefined);
+                REQUIRE(json["child"] == QJsonValue::Undefined);
+            }
+
+            WHEN("Omitted one element in the child")
+            {
+                const auto childJson = QJsonObject{ { "childInt", 1314 } };
+                Parent parent;
+                parent.child.childInt = 1314;
+                const auto json = parent.toJson();
+                REQUIRE(json["parentInt"] == QJsonValue::Undefined);
+                REQUIRE(json["child"] == childJson);
+                REQUIRE(json["child"]["childInt"] == 1314);
+                REQUIRE(json["child"]["childQString"] == QJsonValue::Undefined);
+                REQUIRE(json["child"]["child"]["anotherChild"] == QJsonValue::Undefined);
+            }
+
+            WHEN("Omitted one element in the child child")
+            {
+                Parent parent;
+                parent.child.childInt = 1314;
+                parent.child.anotherChild.childChildInt = 97531;
+                const auto json = parent.toJson();
+                REQUIRE(json["parentInt"] == QJsonValue::Undefined);
+                REQUIRE(json["child"]["childInt"] == 1314);
+                REQUIRE(json["child"]["childQString"] == QJsonValue::Undefined);
+                const QJsonObject childChild{ { "childChildInt", 97531 } };
+                REQUIRE(json["child"]["anotherChild"] == childChild);
+                REQUIRE(json["child"]["anotherChild"]["childChildInt"] == 97531);
+            }
+        }
+    }
+}

client/3rd/QSimpleCrypto/QSimpleCrypto.cmake

@@ -1,20 +0,0 @@
-include_directories(${CMAKE_CURRENT_LIST_DIR})
-
-set(HEADERS ${HEADERS}
-    ${CMAKE_CURRENT_LIST_DIR}/include/QAead.h
-    ${CMAKE_CURRENT_LIST_DIR}/include/QBlockCipher.h
-    ${CMAKE_CURRENT_LIST_DIR}/include/QCryptoError.h
-    ${CMAKE_CURRENT_LIST_DIR}/include/QRsa.h
-    ${CMAKE_CURRENT_LIST_DIR}/include/QSimpleCrypto_global.h
-    ${CMAKE_CURRENT_LIST_DIR}/include/QX509.h
-    ${CMAKE_CURRENT_LIST_DIR}/include/QX509Store.h
-)
-
-set(SOURCES ${SOURCES}
-    ${CMAKE_CURRENT_LIST_DIR}/sources/QAead.cpp
-    ${CMAKE_CURRENT_LIST_DIR}/sources/QBlockCipher.cpp
-    ${CMAKE_CURRENT_LIST_DIR}/sources/QCryptoError.cpp
-    ${CMAKE_CURRENT_LIST_DIR}/sources/QRsa.cpp
-    ${CMAKE_CURRENT_LIST_DIR}/sources/QX509.cpp
-    ${CMAKE_CURRENT_LIST_DIR}/sources/QX509Store.cpp
-)

client/3rd/QSimpleCrypto/QSimpleCrypto.pri

@@ -1,18 +0,0 @@
-INCLUDEPATH  += $$PWD
-
-HEADERS += \
-    $$PWD/include/QAead.h \
-    $$PWD/include/QBlockCipher.h \
-    $$PWD/include/QCryptoError.h \
-    $$PWD/include/QRsa.h \
-    $$PWD/include/QSimpleCrypto_global.h \
-    $$PWD/include/QX509.h \
-    $$PWD/include/QX509Store.h
-
-SOURCES += \
-    $$PWD/sources/QAead.cpp \
-    $$PWD/sources/QBlockCipher.cpp \
-    $$PWD/sources/QCryptoError.cpp \
-    $$PWD/sources/QRsa.cpp \
-    $$PWD/sources/QX509.cpp \
-    $$PWD/sources/QX509Store.cpp

client/3rd/QSimpleCrypto/include/QAead.h

@@ -1,87 +0,0 @@
-/**
- * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution
-**/
-
-#ifndef QAEAD_H
-#define QAEAD_H
-
-#include "QSimpleCrypto_global.h"
-
-#include <QObject>
-
-#include <memory>
-
-#include <openssl/aes.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-
-#include "QCryptoError.h"
-
-// clang-format off
-namespace QSimpleCrypto
-{
-    class QSIMPLECRYPTO_EXPORT QAead {
-    public:
-        QAead();
-
-        ///
-        /// \brief encryptAesGcm - Function encrypts data with Gcm algorithm.
-        /// \param data - Data that will be encrypted.
-        /// \param key - AES key.
-        /// \param iv - Initialization vector.
-        /// \param tag - Authorization tag.
-        /// \param aad - Additional authenticated data. Must be nullptr, if not used.
-        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm().
-        /// \return Returns encrypted data or "", if error happened.
-        ///
-        QByteArray encryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_gcm());
-
-        ///
-        /// \brief decryptAesGcm - Function decrypts data with Gcm algorithm.
-        /// \param data - Data that will be decrypted
-        /// \param key - AES key
-        /// \param iv - Initialization vector
-        /// \param tag - Authorization tag
-        /// \param aad - Additional authenticated data. Must be nullptr, if not used
-        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm()
-        /// \return Returns decrypted data or "", if error happened.
-        ///
-        QByteArray decryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_gcm());
-
-        ///
-        /// \brief encryptAesCcm - Function encrypts data with Ccm algorithm.
-        /// \param data - Data that will be encrypted.
-        /// \param key - AES key.
-        /// \param iv - Initialization vector.
-        /// \param tag - Authorization tag.
-        /// \param aad - Additional authenticated data. Must be nullptr, if not used.
-        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
-        /// \return Returns encrypted data or "", if error happened.
-        ///
-        QByteArray encryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_ccm());
-
-        ///
-        /// \brief decryptAesCcm - Function decrypts data with Ccm algorithm.
-        /// \param data - Data that will be decrypted.
-        /// \param key - AES key.
-        /// \param iv - Initialization vector.
-        /// \param tag - Authorization tag.
-        /// \param aad - Additional authenticated data. Must be nullptr, if not used.
-        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
-        /// \return Returns decrypted data or "", if error happened.
-        ///
-        QByteArray decryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_ccm());
-
-        ///
-        /// \brief error - Error handler class.
-        ///
-        QCryptoError error;
-    };
-} // namespace QSimpleCrypto
-
-#endif // QAEAD_H

client/3rd/QSimpleCrypto/include/QBlockCipher.h

@@ -1,84 +0,0 @@
-/**
- * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution
-**/
-
-#ifndef QBLOCKCIPHER_H
-#define QBLOCKCIPHER_H
-
-#include "QSimpleCrypto_global.h"
-
-#include <QObject>
-
-#include <memory>
-
-#include <openssl/aes.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-
-#include "QCryptoError.h"
-
-// clang-format off
-namespace QSimpleCrypto
-{
-    class QSIMPLECRYPTO_EXPORT QBlockCipher {
-
-    #define Aes128Rounds 10
-    #define Aes192Rounds 12
-    #define Aes256Rounds 14
-
-    public:
-        QBlockCipher();
-
-        ///
-        /// \brief generateRandomBytes - Function generates random bytes by size.
-        /// \param size - Size of generated bytes.
-        /// \return Returns random bytes.
-        ///
-        QByteArray generateRandomBytes(const int& size);
-        QByteArray generateSecureRandomBytes(const int& size);
-
-        ///
-        /// \brief encryptAesBlockCipher - Function encrypts data with Aes Block Cipher algorithm.
-        /// \param data - Data that will be encrypted.
-        /// \param key - AES key.
-        /// \param iv - Initialization vector.
-        /// \param password - Encryption password.
-        /// \param salt - Random delta.
-        /// \param rounds - Transformation rounds.
-        /// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
-        /// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
-        /// \return Returns decrypted data or "", if error happened.
-        ///
-        QByteArray encryptAesBlockCipher(QByteArray data, QByteArray key,
-            QByteArray iv = "", const int& rounds = Aes256Rounds,
-            const EVP_CIPHER* cipher = EVP_aes_256_cbc(), const EVP_MD* md = EVP_sha512());
-
-        ///
-        /// \brief decryptAesBlockCipher - Function decrypts data with Aes Block Cipher algorithm.
-        /// \param data - Data that will be decrypted.
-        /// \param key - AES key.
-        /// \param iv - Initialization vector.
-        /// \param password - Decryption password.
-        /// \param salt - Random delta.
-        /// \param rounds - Transformation rounds.
-        /// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
-        /// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
-        /// \return Returns decrypted data or "", if error happened.
-        ///
-        QByteArray decryptAesBlockCipher(QByteArray data, QByteArray key,
-            QByteArray iv = "", const int& rounds = Aes256Rounds,
-            const EVP_CIPHER* cipher = EVP_aes_256_cbc(), const EVP_MD* md = EVP_sha512());
-
-        ///
-        /// \brief error - Error handler class.
-        ///
-        QCryptoError error;
-    };
-} // namespace QSimpleCrypto
-
-#endif // QBLOCKCIPHER_H

client/3rd/QSimpleCrypto/include/QCryptoError.h

@@ -1,45 +0,0 @@
-#ifndef QCRYPTOERROR_H
-#define QCRYPTOERROR_H
-
-#include <QObject>
-
-#include "QSimpleCrypto_global.h"
-
-/// TODO: Add Special error code for each error.
-
-// clang-format off
-namespace QSimpleCrypto
-{
-    class QSIMPLECRYPTO_EXPORT QCryptoError : public QObject {
-        Q_OBJECT
-
-    public:
-        explicit QCryptoError(QObject* parent = nullptr);
-
-        ///
-        /// \brief setError - Sets error information
-        /// \param errorCode - Error code.
-        /// \param errorSummary - Error summary.
-        ///
-        inline void setError(const quint8 errorCode, const QString& errorSummary)
-        {
-            m_currentErrorCode = errorCode;
-            m_errorSummary = errorSummary;
-        }
-
-        ///
-        /// \brief lastError - Returns last error.
-        /// \return Returns eror ID and error Text.
-        ///
-        inline QPair<quint8, QString> lastError() const
-        {
-            return QPair<quint8, QString>(m_currentErrorCode, m_errorSummary);
-        }
-
-    private:
-        quint8 m_currentErrorCode;
-        QString m_errorSummary;
-    };
-}
-
-#endif // QCRYPTOERROR_H

client/3rd/QSimpleCrypto/include/QRsa.h

@@ -1,104 +0,0 @@
-/**
- * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution
-**/
-
-#ifndef QRSA_H
-#define QRSA_H
-
-#include "QSimpleCrypto_global.h"
-
-#include <QFile>
-#include <QObject>
-
-#include <memory>
-
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/rsa.h>
-
-#include "QCryptoError.h"
-
-// clang-format off
-namespace QSimpleCrypto
-{
-    class QSIMPLECRYPTO_EXPORT QRsa {
-
-    #define PublicEncrypt 0
-    #define PrivateEncrypt 1
-    #define PublicDecrypt 2
-    #define PrivateDecrypt 3
-
-    public:
-        QRsa();
-
-        ///
-        /// \brief generateRsaKeys - Function generate Rsa Keys and returns them in OpenSSL structure.
-        /// \param bits - RSA key size.
-        /// \param rsaBigNumber - The exponent is an odd number, typically 3, 17 or 65537.
-        /// \return Returns 'OpenSSL RSA structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'RSA_free()' to avoid memory leak.
-        ///
-        RSA* generateRsaKeys(const int& bits, const int& rsaBigNumber);
-
-        ///
-        /// \brief savePublicKey - Saves to file RSA public key.
-        /// \param rsa - OpenSSL RSA structure.
-        /// \param publicKeyFileName - Public key file name.
-        ///
-        void savePublicKey(RSA *rsa, const QByteArray& publicKeyFileName);
-
-        ///
-        /// \brief savePrivateKey - Saves to file RSA private key.
-        /// \param rsa - OpenSSL RSA structure.
-        /// \param privateKeyFileName - Private key file name.
-        /// \param password - Private key password.
-        /// \param cipher - Can be used with 'OpenSSL EVP_CIPHER' (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
-        ///
-        void savePrivateKey(RSA* rsa, const QByteArray& privateKeyFileName, QByteArray password = "", const EVP_CIPHER* cipher = nullptr);
-
-        ///
-        /// \brief getPublicKeyFromFile - Gets RSA public key from a file.
-        /// \param filePath - File path to public key file.
-        /// \return Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
-        ///
-        EVP_PKEY* getPublicKeyFromFile(const QByteArray& filePath);
-
-        ///
-        /// \brief getPrivateKeyFromFile - Gets RSA private key from a file.
-        /// \param filePath - File path to private key file.
-        /// \param password - Private key password.
-        /// \return - Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
-        ///
-        EVP_PKEY* getPrivateKeyFromFile(const QByteArray& filePath, const QByteArray& password = "");
-
-        ///
-        /// \brief encrypt - Encrypt data with RSA algorithm.
-        /// \param plaintext - Text that must be encrypted.
-        /// \param rsa - OpenSSL RSA structure.
-        /// \param encryptType - Public or private encrypt type. (PUBLIC_ENCRYPT, PRIVATE_ENCRYPT).
-        /// \param padding - OpenSSL RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
-        /// \return Returns encrypted data or "", if error happened.
-        ///
-        QByteArray encrypt(QByteArray plainText, RSA* rsa, const int& encryptType = PublicEncrypt, const int& padding = RSA_PKCS1_PADDING);
-
-        ///
-        /// \brief decrypt - Decrypt data with RSA algorithm.
-        /// \param cipherText - Text that must be decrypted.
-        /// \param rsa - OpenSSL RSA structure.
-        /// \param decryptType - Public or private type. (PUBLIC_DECRYPT, PRIVATE_DECRYPT).
-        /// \param padding  - RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
-        /// \return - Returns decrypted data or "", if error happened.
-        ///
-        QByteArray decrypt(QByteArray cipherText, RSA* rsa, const int& decryptType = PrivateDecrypt, const int& padding = RSA_PKCS1_PADDING);
-
-        ///
-        /// \brief error - Error handler class.
-        ///
-        QCryptoError error;
-    };
-} // namespace QSimpleCrypto
-
-#endif // QRSA_H

client/3rd/QSimpleCrypto/include/QSimpleCrypto_global.h

@@ -1,9 +0,0 @@
-#ifndef QSIMPLECRYPTO_GLOBAL_H
-#define QSIMPLECRYPTO_GLOBAL_H
-
-#include <QtCore/qglobal.h>
-#include <stdexcept>
-
-#define QSIMPLECRYPTO_EXPORT
-
-#endif // QSIMPLECRYPTO_GLOBAL_H

client/3rd/QSimpleCrypto/include/QX509.h

@@ -1,87 +0,0 @@
-/**
- * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution
-**/
-
-#ifndef QX509_H
-#define QX509_H
-
-#include "QSimpleCrypto_global.h"
-
-#include <QMap>
-#include <QObject>
-
-#include <memory>
-
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-#include <openssl/x509_vfy.h>
-
-#include "QCryptoError.h"
-
-// clang-format off
-namespace QSimpleCrypto
-{
-    class QSIMPLECRYPTO_EXPORT QX509 {
-
-    #define oneYear 31536000L
-    #define x509LastVersion 2
-
-    public:
-        QX509();
-
-        ///
-        /// \brief loadCertificateFromFile - Function load X509 from file and returns OpenSSL structure.
-        /// \param fileName - File path to certificate.
-        /// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
-        ///
-        X509* loadCertificateFromFile(const QByteArray& fileName);
-
-        ///
-        /// \brief signCertificate - Function signs X509 certificate and returns signed X509 OpenSSL structure.
-        /// \param endCertificate - Certificate that will be signed
-        /// \param caCertificate - CA certificate that will sign end certificate
-        /// \param caPrivateKey - CA certificate private key
-        /// \param fileName - With that name certificate will be saved. Leave "", if don't need to save it
-        /// \return Returns OpenSSL X509 structure or nullptr, if error happened.
-        ///
-        X509* signCertificate(X509* endCertificate, X509* caCertificate, EVP_PKEY* caPrivateKey, const QByteArray& fileName = "");
-
-        ///
-        /// \brief verifyCertificate - Function verifies X509 certificate and returns verified X509 OpenSSL structure.
-        /// \param x509 - OpenSSL X509. That certificate will be verified.
-        /// \param store - Trusted certificate must be added to X509_Store with 'addCertificateToStore(X509_STORE* ctx, X509* x509)'.
-        /// \return Returns OpenSSL X509 structure or nullptr, if error happened
-        ///
-        X509* verifyCertificate(X509* x509, X509_STORE* store);
-
-        ///
-        /// \brief generateSelfSignedCertificate - Function generatesand returns  self signed X509.
-        /// \param rsa - OpenSSL RSA.
-        /// \param additionalData - Certificate information.
-        /// \param certificateFileName - With that name certificate will be saved. Leave "", if don't need to save it.
-        /// \param md - OpenSSL EVP_MD structure. Example: EVP_sha512().
-        /// \param serialNumber - X509 certificate serial number.
-        /// \param version - X509 certificate version.
-        /// \param notBefore - X509 start date.
-        /// \param notAfter - X509 end date.
-        /// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
-        ///
-        X509* generateSelfSignedCertificate(RSA* rsa, const QMap<QByteArray, QByteArray>& additionalData,
-            const QByteArray& certificateFileName = "", const EVP_MD* md = EVP_sha512(),
-            const long& serialNumber = 1, const long& version = x509LastVersion,
-            const long& notBefore = 0, const long& notAfter = oneYear);
-
-        ///
-        /// \brief error - Error handler class.
-        ///
-        QCryptoError error;
-    };
-} // namespace QSimpleCrypto
-
-#endif // QX509_H

client/3rd/QSimpleCrypto/include/QX509Store.h

@@ -1,120 +0,0 @@
-/**
- * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution
-**/
-
-#ifndef QX509STORE_H
-#define QX509STORE_H
-
-#include "QSimpleCrypto_global.h"
-
-#include <QDir>
-#include <QFile>
-#include <QFileInfo>
-
-#include <memory>
-
-#include <openssl/err.h>
-#include <openssl/x509_vfy.h>
-#include <openssl/x509v3.h>
-
-#include "QCryptoError.h"
-
-// clang-format off
-namespace QSimpleCrypto
-{
-    class QSIMPLECRYPTO_EXPORT QX509Store {
-    public:
-        QX509Store();
-
-        ///
-        /// \brief addCertificateToStore
-        /// \param store - OpenSSL X509_STORE.
-        /// \param x509 - OpenSSL X509.
-        /// \return Returns 'true' on success and 'false', if error happened.
-        ///
-        bool addCertificateToStore(X509_STORE* store, X509* x509);
-
-        ///
-        /// \brief addLookup
-        /// \param store - OpenSSL X509_STORE.
-        /// \param method - OpenSSL X509_LOOKUP_METHOD. Example: X509_LOOKUP_file.
-        /// \return Returns 'true' on success and 'false', if error happened.
-        ///
-        bool addLookup(X509_STORE* store, X509_LOOKUP_METHOD* method);
-
-        ///
-        /// \brief setCertificateDepth
-        /// \param store - OpenSSL X509_STORE.
-        /// \param depth - That is the maximum number of untrusted CA certificates that can appear in a chain. Example: 0.
-        /// \return Returns 'true' on success and 'false', if error happened.
-        ///
-        bool setDepth(X509_STORE* store, const int& depth);
-
-        ///
-        /// \brief setFlag
-        /// \param store - OpenSSL X509_STORE.
-        /// \param flag - The verification flags consists of zero or more of the following flags ored together. Example: X509_V_FLAG_CRL_CHECK.
-        /// \return Returns 'true' on success and 'false', if error happened.
-        ///
-        bool setFlag(X509_STORE* store, const unsigned long& flag);
-
-        ///
-        /// \brief setFlag
-        /// \param store - OpenSSL X509_STORE.
-        /// \param purpose - Verification purpose in param to purpose. Example: X509_PURPOSE_ANY.
-        /// \return Returns 'true' on success and 'false', if error happened.
-        ///
-        bool setPurpose(X509_STORE* store, const int& purpose);
-
-        ///
-        /// \brief setTrust
-        /// \param store - OpenSSL X509_STORE.
-        /// \param trust - Trust Level. Example: X509_TRUST_SSL_SERVER.
-        /// \return Returns 'true' on success and 'false', if error happened.
-        ///
-        bool setTrust(X509_STORE* store, const int& trust);
-
-        ///
-        /// \brief setDefaultPaths
-        /// \param store - OpenSSL X509_STORE.
-        /// \return Returns 'true' on success and 'false', if error happened.
-        ///
-        bool setDefaultPaths(X509_STORE* store);
-
-        ///
-        /// \brief loadLocations
-        /// \param store - OpenSSL X509_STORE.
-        /// \param fileName - File name. Example: "caCertificate.pem".
-        /// \param dirPath - Path to file. Example: "path/To/File".
-        /// \return Returns 'true' on success and 'false', if error happened.
-        ///
-        bool loadLocations(X509_STORE* store, const QByteArray& fileName, const QByteArray& dirPath);
-
-        ///
-        /// \brief loadLocations
-        /// \param store - OpenSSL X509_STORE.
-        /// \param file - Qt QFile that will be loaded.
-        /// \return Returns 'true' on success and 'false', if error happened.
-        ///
-        bool loadLocations(X509_STORE* store, const QFile& file);
-
-        ///
-        /// \brief loadLocations
-        /// \param store - OpenSSL X509_STORE.
-        /// \param fileInfo - Qt QFileInfo.
-        /// \return Returns 'true' on success and 'false', if error happened.
-        ///
-        bool loadLocations(X509_STORE* store, const QFileInfo& fileInfo);
-
-        ///
-        /// \brief error - Error handler class.
-        ///
-        QCryptoError error;
-    };
-}
-
-#endif // QX509STORE_H

client/3rd/QSimpleCrypto/sources/QAead.cpp

@@ -1,364 +0,0 @@
-/**
- * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution
-**/
-
-#include "include/QAead.h"
-
-QSimpleCrypto::QAead::QAead()
-{
-}
-
-///
-/// \brief QSimpleCrypto::QAEAD::encryptAesGcm - Function encrypts data with Gcm algorithm.
-/// \param data - Data that will be encrypted.
-/// \param key - AES key.
-/// \param iv - Initialization vector.
-/// \param tag - Authorization tag.
-/// \param aad - Additional authenticated data. Must be nullptr, if not used.
-/// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm().
-/// \return Returns encrypted data or "", if error happened.
-///
-QByteArray QSimpleCrypto::QAead::encryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
-{
-    try {
-        /* Initialize EVP_CIPHER_CTX */
-        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> encryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
-        if (encryptionCipher == nullptr) {
-            throw std::runtime_error("Couldn't initialize \'encryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set data length */
-        int plainTextLength = data.size();
-        int cipherTextLength = 0;
-
-        /* Initialize cipherText. Here encrypted data will be stored */
-        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[plainTextLength]() };
-        if (cipherText == nullptr) {
-            throw std::runtime_error("Couldn't allocate memory for 'ciphertext'.");
-        }
-
-        /* Initialize encryption operation. */
-        if (!EVP_EncryptInit_ex(encryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
-            throw std::runtime_error("Couldn't initialize encryption operation. EVP_EncryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set IV length if default 12 bytes (96 bits) is not appropriate */
-        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_GCM_SET_IVLEN, iv.length(), nullptr)) {
-            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-//        /* Check if aad need to be used */
-//        if (aad.length() > 0) {
-//            /* Provide any AAD data. This can be called zero or more times as required */
-//            if (!EVP_EncryptUpdate(encryptionCipher.get(), nullptr, &cipherTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
-//                throw std::runtime_error("Couldn't provide aad data. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-//            }
-//        }
-
-        /*
-         * Provide the message to be encrypted, and obtain the encrypted output.
-         * EVP_EncryptUpdate can be called multiple times if necessary
-        */
-        if (!EVP_EncryptUpdate(encryptionCipher.get(), cipherText.get(), &cipherTextLength, reinterpret_cast<const unsigned char*>(data.data()), plainTextLength)) {
-            throw std::runtime_error("Couldn't provide message to be encrypted. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /*
-         * Finalize the encryption. Normally cipher text bytes may be written at
-         * this stage, but this does not occur in GCM mode
-        */
-        if (!EVP_EncryptFinal_ex(encryptionCipher.get(), cipherText.get(), &plainTextLength)) {
-            throw std::runtime_error("Couldn't finalize encryption. EVP_EncryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-//        /* Get tag */
-//        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_GCM_GET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
-//            throw std::runtime_error("Couldn't get tag. EVP_CIPHER_CTX_ctrl(. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-//        }
-
-        /* Finilize data to be readable with qt */
-        QByteArray encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), cipherTextLength);
-
-        return encryptedData;
-
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QAead::error.setError(1, exception.what());
-        return QByteArray();
-    } catch (...) {
-        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
-        return QByteArray();
-    }
-
-    return QByteArray();
-}
-
-///
-/// \brief QSimpleCrypto::QAEAD::decryptAesGcm - Function decrypts data with Gcm algorithm.
-/// \param data - Data that will be decrypted
-/// \param key - AES key
-/// \param iv - Initialization vector
-/// \param tag - Authorization tag
-/// \param aad - Additional authenticated data. Must be nullptr, if not used
-/// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm()
-/// \return Returns decrypted data or "", if error happened.
-///
-QByteArray QSimpleCrypto::QAead::decryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
-{
-    try {
-        /* Initialize EVP_CIPHER_CTX */
-        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> decryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
-        if (decryptionCipher.get() == nullptr) {
-            throw std::runtime_error("Couldn't initialize \'decryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set data length */
-        int cipherTextLength = data.size();
-        int plainTextLength = 0;
-
-        /* Initialize plainText. Here decrypted data will be stored */
-        std::unique_ptr<unsigned char[]> plainText { new unsigned char[cipherTextLength]() };
-        if (plainText == nullptr) {
-            throw std::runtime_error("Couldn't allocate memory for 'plaintext'.");
-        }
-
-        /* Initialize decryption operation. */
-        if (!EVP_DecryptInit_ex(decryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
-            throw std::runtime_error("Couldn't initialize decryption operation. EVP_DecryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set IV length. Not necessary if this is 12 bytes (96 bits) */
-        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_GCM_SET_IVLEN, iv.length(), nullptr)) {
-            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-//        /* Check if aad need to be used */
-//        if (aad.length() > 0) {
-//            /* Provide any AAD data. This can be called zero or more times as required */
-//            if (!EVP_DecryptUpdate(decryptionCipher.get(), nullptr, &plainTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
-//                throw std::runtime_error("Couldn't provide aad data. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-//            }
-//        }
-
-        /*
-         * Provide the message to be decrypted, and obtain the plain text output.
-         * EVP_DecryptUpdate can be called multiple times if necessary
-        */
-        if (!EVP_DecryptUpdate(decryptionCipher.get(), plainText.get(), &plainTextLength, reinterpret_cast<const unsigned char*>(data.data()), cipherTextLength)) {
-            throw std::runtime_error("Couldn't provide message to be decrypted. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-//        /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
-//        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_GCM_SET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
-//            throw std::runtime_error("Coldn't set tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-//        }
-
-        /*
-         * Finalize the decryption. A positive return value indicates success,
-         * anything else is a failure - the plain text is not trustworthy.
-        */
-        if (!EVP_DecryptFinal_ex(decryptionCipher.get(), plainText.get(), &cipherTextLength)) {
-            throw std::runtime_error("Couldn't finalize decryption. EVP_DecryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Finilize data to be readable with qt */
-        QByteArray decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()), plainTextLength);
-
-        return decryptedData;
-
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QAead::error.setError(1, exception.what());
-        return QByteArray();
-    } catch (...) {
-        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
-        return QByteArray();
-    }
-
-    return QByteArray();
-}
-
-///
-/// \brief QSimpleCrypto::QAEAD::encryptAesCcm - Function encrypts data with Ccm algorithm.
-/// \param data - Data that will be encrypted.
-/// \param key - AES key.
-/// \param iv - Initialization vector.
-/// \param tag - Authorization tag.
-/// \param aad - Additional authenticated data. Must be nullptr, if not used.
-/// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
-/// \return Returns encrypted data or "", if error happened.
-///
-QByteArray QSimpleCrypto::QAead::encryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
-{
-    try {
-        /* Initialize EVP_CIPHER_CTX */
-        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> encryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
-        if (encryptionCipher == nullptr) {
-            throw std::runtime_error("Couldn't initialize \'encryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set data length */
-        int plainTextLength = data.size();
-        int cipherTextLength = 0;
-
-        /* Initialize cipherText. Here encrypted data will be stored */
-        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[plainTextLength]() };
-        if (cipherText.get() == nullptr) {
-            throw std::runtime_error("Couldn't allocate memory for 'ciphertext'.");
-        }
-
-        /* Initialize encryption operation. */
-        if (!EVP_EncryptInit_ex(encryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
-            throw std::runtime_error("Couldn't initialize encryption operation. EVP_EncryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set IV length if default 12 bytes (96 bits) is not appropriate */
-        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_CCM_SET_IVLEN, iv.length(), nullptr)) {
-            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set tag length */
-        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_CCM_SET_TAG, tag->length(), nullptr)) {
-            throw std::runtime_error("Coldn't set tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Check if aad need to be used */
-        if (aad.length() > 0) {
-            /* Provide the total plain text length */
-            if (!EVP_EncryptUpdate(encryptionCipher.get(), nullptr, &cipherTextLength, nullptr, plainTextLength)) {
-                throw std::runtime_error("Couldn't provide total plaintext length. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-            }
-
-            /* Provide any AAD data. This can be called zero or more times as required */
-            if (!EVP_EncryptUpdate(encryptionCipher.get(), nullptr, &cipherTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
-                throw std::runtime_error("Couldn't provide aad data. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-            }
-        }
-
-        /*
-         * Provide the message to be encrypted, and obtain the encrypted output.
-         * EVP_EncryptUpdate can be called multiple times if necessary
-        */
-        if (!EVP_EncryptUpdate(encryptionCipher.get(), cipherText.get(), &cipherTextLength, reinterpret_cast<const unsigned char*>(data.data()), plainTextLength)) {
-            throw std::runtime_error("Couldn't provide message to be encrypted. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /*
-         * Finalize the encryption. Normally ciphertext bytes may be written at
-         * this stage, but this does not occur in GCM mode
-        */
-        if (!EVP_EncryptFinal_ex(encryptionCipher.get(), cipherText.get(), &plainTextLength)) {
-            throw std::runtime_error("Couldn't finalize encryption. EVP_EncryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Get tag */
-        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_CCM_GET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
-            throw std::runtime_error("Couldn't get tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Finilize data to be readable with qt */
-        QByteArray encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), cipherTextLength);
-
-        return encryptedData;
-
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QAead::error.setError(1, exception.what());
-        return QByteArray();
-    } catch (...) {
-        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
-        return QByteArray();
-    }
-
-    return QByteArray();
-}
-
-///
-/// \brief QSimpleCrypto::QAEAD::decryptAesCcm - Function decrypts data with Ccm algorithm.
-/// \param data - Data that will be decrypted.
-/// \param key - AES key.
-/// \param iv - Initialization vector.
-/// \param tag - Authorization tag.
-/// \param aad - Additional authenticated data. Must be nullptr, if not used.
-/// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
-/// \return Returns decrypted data or "", if error happened.
-///
-QByteArray QSimpleCrypto::QAead::decryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
-{
-    try {
-        /* Initialize EVP_CIPHER_CTX */
-        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> decryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
-        if (decryptionCipher.get() == nullptr) {
-            throw std::runtime_error("Couldn't initialize \'decryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set data length */
-        int cipherTextLength = data.size();
-        int plainTextLength = 0;
-
-        /* Initialize plainText. Here decrypted data will be stored */
-        std::unique_ptr<unsigned char[]> plainText { new unsigned char[cipherTextLength]() };
-        if (plainText == nullptr) {
-            throw std::runtime_error("Couldn't allocate memory for 'plaintext'.");
-        }
-
-        /* Initialize decryption operation. */
-        if (!EVP_DecryptInit_ex(decryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
-            throw std::runtime_error("Couldn't initialize decryption operation. EVP_DecryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set IV length. Not necessary if this is 12 bytes (96 bits) */
-        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_CCM_SET_IVLEN, iv.length(), nullptr)) {
-            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
-        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_CCM_SET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
-            throw std::runtime_error("Coldn't set tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Check if aad need to be used */
-        if (aad.length() > 0) {
-            /* Provide the total ciphertext length */
-            if (!EVP_DecryptUpdate(decryptionCipher.get(), nullptr, &plainTextLength, nullptr, cipherTextLength)) {
-                throw std::runtime_error("Couldn't provide total plaintext length. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-            }
-
-            /* Provide any AAD data. This can be called zero or more times as required */
-            if (!EVP_DecryptUpdate(decryptionCipher.get(), nullptr, &plainTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
-                throw std::runtime_error("Couldn't provide aad data. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-            }
-        }
-
-        /*
-         * Provide the message to be decrypted, and obtain the plaintext output.
-         * EVP_DecryptUpdate can be called multiple times if necessary
-        */
-        if (!EVP_DecryptUpdate(decryptionCipher.get(), plainText.get(), &plainTextLength, reinterpret_cast<const unsigned char*>(data.data()), cipherTextLength)) {
-            throw std::runtime_error("Couldn't provide message to be decrypted. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /*
-         * Finalize the decryption. A positive return value indicates success,
-         * anything else is a failure - the plaintext is not trustworthy.
-        */
-        if (!EVP_DecryptFinal_ex(decryptionCipher.get(), plainText.get(), &cipherTextLength)) {
-            throw std::runtime_error("Couldn't finalize decryption. EVP_DecryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Finilize data to be readable with qt */
-        QByteArray decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()), plainTextLength);
-
-        return decryptedData;
-
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QAead::error.setError(1, exception.what());
-        return QByteArray();
-    } catch (...) {
-        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
-        return QByteArray();
-    }
-
-    return QByteArray();
-}

client/3rd/QSimpleCrypto/sources/QBlockCipher.cpp

@@ -1,193 +0,0 @@
-/**
- * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution
-**/
-
-#include "include/QBlockCipher.h"
-
-QSimpleCrypto::QBlockCipher::QBlockCipher()
-{
-}
-
-///
-/// \brief QSimpleCrypto::QBlockCipher::generateRandomBytes - Function generates random bytes by size.
-/// \param size - Size of generated bytes.
-/// \return Returns random bytes.
-///
-QByteArray QSimpleCrypto::QBlockCipher::generateRandomBytes(const int& size)
-{
-    unsigned char arr[sizeof(size)];
-    RAND_bytes(arr, sizeof(size));
-
-    QByteArray buffer = QByteArray(reinterpret_cast<char*>(arr), size);
-    return buffer;
-}
-
-QByteArray QSimpleCrypto::QBlockCipher::generateSecureRandomBytes(const int &size)
-{
-    unsigned char arr[sizeof(size)];
-    RAND_priv_bytes(arr, sizeof(size));
-
-    QByteArray buffer = QByteArray(reinterpret_cast<char*>(arr), size);
-    return buffer;
-}
-
-///
-/// \brief QSimpleCrypto::QBlockCipher::encryptAesBlockCipher - Function encrypts data with Aes Block Cipher algorithm.
-/// \param data - Data that will be encrypted.
-/// \param key - AES key.
-/// \param iv - Initialization vector.
-/// \param password - Encryption password.
-/// \param salt - Random delta.
-/// \param rounds - Transformation rounds.
-/// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
-/// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
-/// \return Returns decrypted data or "", if error happened.
-///
-QByteArray QSimpleCrypto::QBlockCipher::encryptAesBlockCipher(QByteArray data, QByteArray key,
-    QByteArray iv,
-    const int& rounds, const EVP_CIPHER* cipher, const EVP_MD* md)
-{
-    try {
-        /* Initialize EVP_CIPHER_CTX */
-        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> encryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
-        if (encryptionCipher == nullptr) {
-            throw std::runtime_error("Couldn't initialize \'encryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Reinterpret values for multi use */
-        unsigned char* m_key = reinterpret_cast<unsigned char*>(key.data());
-        unsigned char* m_iv = reinterpret_cast<unsigned char*>(iv.data());
-
-        /* Set data length */
-        int cipherTextLength(data.size() + AES_BLOCK_SIZE);
-        int finalLength = 0;
-
-        /* Initialize cipcherText. Here encrypted data will be stored */
-        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[cipherTextLength]() };
-        if (cipherText == nullptr) {
-            throw std::runtime_error("Couldn't allocate memory for 'cipherText'.");
-        }
-
-        // Bug here
-//        /* Start encryption with password based encryption routine */
-//        if (!EVP_BytesToKey(cipher, md, reinterpret_cast<unsigned char*>(salt.data()), reinterpret_cast<unsigned char*>(password.data()), password.length(), rounds, m_key, m_iv)) {
-//            throw std::runtime_error("Couldn't start encryption routine. EVP_BytesToKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-//        }
-
-        /* Initialize encryption operation. */
-        if (!EVP_EncryptInit_ex(encryptionCipher.get(), cipher, nullptr, m_key, m_iv)) {
-            throw std::runtime_error("Couldn't initialize encryption operation. EVP_EncryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /*
-         * Provide the message to be encrypted, and obtain the encrypted output.
-         * EVP_EncryptUpdate can be called multiple times if necessary
-        */
-        if (!EVP_EncryptUpdate(encryptionCipher.get(), cipherText.get(), &cipherTextLength, reinterpret_cast<const unsigned char*>(data.data()), data.size())) {
-            throw std::runtime_error("Couldn't provide message to be encrypted. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Finalize the encryption. Normally ciphertext bytes may be written at this stage */
-        if (!EVP_EncryptFinal(encryptionCipher.get(), cipherText.get() + cipherTextLength, &finalLength)) {
-            throw std::runtime_error("Couldn't finalize encryption. EVP_EncryptFinal(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Finilize data to be readable with qt */
-        QByteArray encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), cipherTextLength + finalLength);
-
-        return encryptedData;
-
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QBlockCipher::error.setError(1, exception.what());
-        return QByteArray();
-    } catch (...) {
-        QSimpleCrypto::QBlockCipher::error.setError(2, "Unknown error!");
-        return QByteArray();
-    }
-
-    return QByteArray();
-}
-
-///
-/// \brief QSimpleCrypto::QBlockCipher::encryptAesBlockCipher - Function decrypts data with Aes Block Cipher algorithm.
-/// \param data - Data that will be decrypted.
-/// \param key - AES key.
-/// \param iv - Initialization vector.
-/// \param password - Decryption password.
-/// \param salt - Random delta.
-/// \param rounds - Transformation rounds.
-/// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
-/// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
-/// \return Returns decrypted data or "", if error happened.
-///
-QByteArray QSimpleCrypto::QBlockCipher::decryptAesBlockCipher(QByteArray data, QByteArray key,
-    QByteArray iv,
-    const int& rounds, const EVP_CIPHER* cipher, const EVP_MD* md)
-{
-    try {
-        /* Initialize EVP_CIPHER_CTX */
-        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> decryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
-        if (decryptionCipher == nullptr) {
-            throw std::runtime_error("Couldn't initialize \'decryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Reinterpret values for multi use */
-        unsigned char* m_key = reinterpret_cast<unsigned char*>(key.data());
-        unsigned char* m_iv = reinterpret_cast<unsigned char*>(iv.data());
-
-        /* Set data length */
-        int plainTextLength(data.size());
-        int finalLength = 0;
-
-        /* Initialize plainText. Here decrypted data will be stored */
-        std::unique_ptr<unsigned char[]> plainText { new unsigned char[plainTextLength + AES_BLOCK_SIZE]() };
-        if (plainText == nullptr) {
-            throw std::runtime_error("Couldn't allocate memory for \'plainText\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        // Bug here
-//        /* Start encryption with password based encryption routine */
-//        if (!EVP_BytesToKey(cipher, md, reinterpret_cast<const unsigned char*>(salt.data()), reinterpret_cast<const unsigned char*>(password.data()), password.length(), rounds, m_key, m_iv)) {
-//            throw std::runtime_error("Couldn't start decryption routine. EVP_BytesToKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-//        }
-
-        /* Initialize decryption operation. */
-        if (!EVP_DecryptInit_ex(decryptionCipher.get(), cipher, nullptr, m_key, m_iv)) {
-            throw std::runtime_error("Couldn't initialize decryption operation. EVP_DecryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /*
-         * Provide the message to be decrypted, and obtain the plaintext output.
-         * EVP_DecryptUpdate can be called multiple times if necessary
-        */
-        if (!EVP_DecryptUpdate(decryptionCipher.get(), plainText.get(), &plainTextLength, reinterpret_cast<const unsigned char*>(data.data()), data.size())) {
-            throw std::runtime_error("Couldn't provide message to be decrypted. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /*
-         * Finalize the decryption. A positive return value indicates success,
-         * anything else is a failure - the plaintext is not trustworthy.
-        */
-        if (!EVP_DecryptFinal(decryptionCipher.get(), plainText.get() + plainTextLength, &finalLength)) {
-            throw std::runtime_error("Couldn't finalize decryption. EVP_DecryptFinal. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Finilize data to be readable with qt */
-        QByteArray decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()), plainTextLength + finalLength);
-
-        return decryptedData;
-
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QBlockCipher::error.setError(1, exception.what());
-        return QByteArray(exception.what());
-    } catch (...) {
-        QSimpleCrypto::QBlockCipher::error.setError(2, "Unknown error!");
-        return QByteArray();
-    }
-
-    return QByteArray();
-}

client/3rd/QSimpleCrypto/sources/QCryptoError.cpp

@@ -1,6 +0,0 @@
-#include "include/QCryptoError.h"
-
-QSimpleCrypto::QCryptoError::QCryptoError(QObject* parent)
-    : QObject(parent)
-{
-}

client/3rd/QSimpleCrypto/sources/QRsa.cpp

@@ -1,274 +0,0 @@
-/**
- * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution
-**/
-
-#include "include/QRsa.h"
-
-QSimpleCrypto::QRsa::QRsa()
-{
-}
-
-///
-/// \brief QSimpleCrypto::QRSA::generateRsaKeys - Function generate Rsa Keys and returns them in OpenSSL structure.
-/// \param bits - RSA key size.
-/// \param rsaBigNumber - The exponent is an odd number, typically 3, 17 or 65537.
-/// \return Returns 'OpenSSL RSA structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'RSA_free()' to avoid memory leak.
-///
-RSA* QSimpleCrypto::QRsa::generateRsaKeys(const int& bits, const int& rsaBigNumber)
-{
-    try {
-        /* Initialize big number */
-        std::unique_ptr<BIGNUM, void (*)(BIGNUM*)> bigNumber { BN_new(), BN_free };
-        if (bigNumber == nullptr) {
-            throw std::runtime_error("Couldn't initialize \'bigNumber\'. BN_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-            return nullptr;
-        }
-
-        /* Set big number */
-        if (!BN_set_word(bigNumber.get(), rsaBigNumber)) {
-            throw std::runtime_error("Couldn't set bigNumber. BN_set_word(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Initialize RSA */
-        RSA* rsa = nullptr;
-        if (!(rsa = RSA_new())) {
-            throw std::runtime_error("Couldn't initialize x509. X509_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Generate key pair and store it in RSA */
-        if (!RSA_generate_key_ex(rsa, bits, bigNumber.get(), nullptr)) {
-            throw std::runtime_error("Couldn't generate RSA. RSA_generate_key_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        return rsa;
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QRsa::error.setError(1, exception.what());
-        return nullptr;
-    } catch (...) {
-        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
-        return nullptr;
-    }
-}
-
-///
-/// \brief QSimpleCrypto::QRSA::savePublicKey - Saves to file RSA public key.
-/// \param rsa - OpenSSL RSA structure.
-/// \param publicKeyFileName - Public key file name.
-///
-void QSimpleCrypto::QRsa::savePublicKey(RSA* rsa, const QByteArray& publicKeyFileName)
-{
-    try {
-        /* Initialize BIO */
-        std::unique_ptr<BIO, void (*)(BIO*)> bioPublicKey { BIO_new_file(publicKeyFileName.data(), "w+"), BIO_free_all };
-        if (bioPublicKey == nullptr) {
-            throw std::runtime_error("Couldn't initialize \'bioPublicKey\'. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Write public key on file */
-        if (!PEM_write_bio_RSA_PUBKEY(bioPublicKey.get(), rsa)) {
-            throw std::runtime_error("Couldn't save public key. PEM_write_bio_RSAPublicKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QRsa::error.setError(1, exception.what());
-        return;
-    } catch (...) {
-        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
-        return;
-    }
-}
-
-///
-/// \brief QSimpleCrypto::QRSA::savePrivateKey - Saves to file RSA private key.
-/// \param rsa - OpenSSL RSA structure.
-/// \param privateKeyFileName - Private key file name.
-/// \param password - Private key password.
-/// \param cipher - Can be used with 'OpenSSL EVP_CIPHER' (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
-///
-void QSimpleCrypto::QRsa::savePrivateKey(RSA* rsa, const QByteArray& privateKeyFileName, QByteArray password, const EVP_CIPHER* cipher)
-{
-    try {
-        /* Initialize BIO */
-        std::unique_ptr<BIO, void (*)(BIO*)> bioPrivateKey { BIO_new_file(privateKeyFileName.data(), "w+"), BIO_free_all };
-        if (bioPrivateKey == nullptr) {
-            throw std::runtime_error("Couldn't initialize bioPrivateKey. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Write private key to file */
-        if (!PEM_write_bio_RSAPrivateKey(bioPrivateKey.get(), rsa, cipher, reinterpret_cast<unsigned char*>(password.data()), password.size(), nullptr, nullptr)) {
-            throw std::runtime_error("Couldn't save private key. PEM_write_bio_RSAPrivateKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QRsa::error.setError(1, exception.what());
-        return;
-    } catch (...) {
-        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
-        return;
-    }
-}
-
-///
-/// \brief QSimpleCrypto::QRSA::getPublicKeyFromFile - Gets RSA public key from a file.
-/// \param filePath - File path to public key file.
-/// \return Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
-///
-EVP_PKEY* QSimpleCrypto::QRsa::getPublicKeyFromFile(const QByteArray& filePath)
-{
-    try {
-        /* Initialize BIO */
-        std::unique_ptr<BIO, void (*)(BIO*)> bioPublicKey { BIO_new_file(filePath.data(), "r"), BIO_free_all };
-        if (bioPublicKey == nullptr) {
-            throw std::runtime_error("Couldn't initialize bioPublicKey. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Initialize EVP_PKEY */
-        EVP_PKEY* keyStore = nullptr;
-        if (!(keyStore = EVP_PKEY_new())) {
-            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Write private key to file */
-        if (!PEM_read_bio_PUBKEY(bioPublicKey.get(), &keyStore, nullptr, nullptr)) {
-            throw std::runtime_error("Couldn't read private key. PEM_read_bio_PrivateKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        return keyStore;
-
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QRsa::error.setError(1, exception.what());
-        return nullptr;
-    } catch (...) {
-        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
-        return nullptr;
-    }
-}
-
-///
-/// \brief QSimpleCrypto::QRSA::getPrivateKeyFromFile - Gets RSA private key from a file.
-/// \param filePath - File path to private key file.
-/// \param password - Private key password.
-/// \return - Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
-///
-EVP_PKEY* QSimpleCrypto::QRsa::getPrivateKeyFromFile(const QByteArray& filePath, const QByteArray& password)
-{
-    try {
-        /* Initialize BIO */
-        std::unique_ptr<BIO, void (*)(BIO*)> bioPrivateKey { BIO_new_file(filePath.data(), "r"), BIO_free_all };
-        if (bioPrivateKey == nullptr) {
-            throw std::runtime_error("Couldn't initialize bioPrivateKey. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Initialize EVP_PKEY */
-        EVP_PKEY* keyStore = nullptr;
-        if (!(keyStore = EVP_PKEY_new())) {
-            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Write private key to file */
-        if (!PEM_read_bio_PrivateKey(bioPrivateKey.get(), &keyStore, nullptr, (void*)password.data())) {
-            throw std::runtime_error("Couldn't read private key. PEM_read_bio_PrivateKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        return keyStore;
-
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QRsa::error.setError(1, exception.what());
-        return nullptr;
-    } catch (...) {
-        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
-        return nullptr;
-    }
-}
-
-///
-/// \brief QSimpleCrypto::QRSA::encrypt - Encrypt data with RSA algorithm.
-/// \param plaintext - Text that must be encrypted.
-/// \param rsa - OpenSSL RSA structure.
-/// \param encryptType - Public or private encrypt type. (PUBLIC_ENCRYPT, PRIVATE_ENCRYPT).
-/// \param padding - OpenSSL RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
-/// \return Returns encrypted data or "", if error happened.
-///
-QByteArray QSimpleCrypto::QRsa::encrypt(QByteArray plainText, RSA* rsa, const int& encryptType, const int& padding)
-{
-    try {
-        /* Initialize array. Here encrypted data will be saved */
-        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[RSA_size(rsa)]() };
-        if (cipherText == nullptr) {
-            throw std::runtime_error("Couldn't allocate memory for 'cipherText'.");
-        }
-
-        /* Result of encryption operation */
-        short int result = 0;
-
-        /* Execute encryption operation */
-        if (encryptType == PublicDecrypt) {
-            result = RSA_public_encrypt(plainText.size(), reinterpret_cast<unsigned char*>(plainText.data()), cipherText.get(), rsa, padding);
-        } else if (encryptType == PrivateDecrypt) {
-            result = RSA_private_encrypt(plainText.size(), reinterpret_cast<unsigned char*>(plainText.data()), cipherText.get(), rsa, padding);
-        }
-
-        /* Check for result */
-        if (result <= -1) {
-            throw std::runtime_error("Couldn't encrypt data. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Get encrypted data */
-        const QByteArray& encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), RSA_size(rsa));
-
-        return encryptedData;
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QRsa::error.setError(1, exception.what());
-        return "";
-    } catch (...) {
-        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
-        return "";
-    }
-}
-
-///
-/// \brief QSimpleCrypto::QRSA::decrypt - Decrypt data with RSA algorithm.
-/// \param cipherText - Text that must be decrypted.
-/// \param rsa - OpenSSL RSA structure.
-/// \param decryptType - Public or private type. (PUBLIC_DECRYPT, PRIVATE_DECRYPT).
-/// \param padding  - RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
-/// \return - Returns decrypted data or "", if error happened.
-///
-QByteArray QSimpleCrypto::QRsa::decrypt(QByteArray cipherText, RSA* rsa, const int& decryptType, const int& padding)
-{
-    try {
-        /* Initialize array. Here decrypted data will be saved */
-        std::unique_ptr<unsigned char[]> plainText { new unsigned char[cipherText.size()]() };
-        if (plainText == nullptr) {
-            throw std::runtime_error("Couldn't allocate memory for 'plainText'.");
-        }
-
-        /* Result of decryption operation */
-        short int result = 0;
-
-        /* Execute decryption operation */
-        if (decryptType == PublicDecrypt) {
-            result = RSA_public_decrypt(RSA_size(rsa), reinterpret_cast<unsigned char*>(cipherText.data()), plainText.get(), rsa, padding);
-        } else if (decryptType == PrivateDecrypt) {
-            result = RSA_private_decrypt(RSA_size(rsa), reinterpret_cast<unsigned char*>(cipherText.data()), plainText.get(), rsa, padding);
-        }
-
-        /* Check for result */
-        if (result <= -1) {
-            throw std::runtime_error("Couldn't decrypt data. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Get decrypted data */
-        const QByteArray& decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()));
-
-        return decryptedData;
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QRsa::error.setError(1, exception.what());
-        return "";
-    } catch (...) {
-        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
-        return "";
-    }
-}

client/3rd/QSimpleCrypto/sources/QX509.cpp

@@ -1,234 +0,0 @@
-/**
- * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution
-**/
-
-#include "include/QX509.h"
-
-QSimpleCrypto::QX509::QX509()
-{
-}
-
-///
-/// \brief QSimpleCrypto::QX509::loadCertificateFromFile - Function load X509 from file and returns OpenSSL structure.
-/// \param fileName - File path to certificate.
-/// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
-///
-X509* QSimpleCrypto::QX509::loadCertificateFromFile(const QByteArray& fileName)
-{
-    try {
-        /* Initialize X509 */
-        X509* x509 = nullptr;
-        if (!(x509 = X509_new())) {
-            throw std::runtime_error("Couldn't initialize X509. X509_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Initialize BIO */
-        std::unique_ptr<BIO, void (*)(BIO*)> certFile { BIO_new_file(fileName.data(), "r+"), BIO_free_all };
-        if (certFile == nullptr) {
-            throw std::runtime_error("Couldn't initialize certFile. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Read file */
-        if (!PEM_read_bio_X509(certFile.get(), &x509, nullptr, nullptr)) {
-            throw std::runtime_error("Couldn't read certificate file from disk. PEM_read_bio_X509(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        return x509;
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QX509::error.setError(1, exception.what());
-        return nullptr;
-    } catch (...) {
-        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
-        return nullptr;
-    }
-}
-
-///
-/// \brief QSimpleCrypto::QX509::signCertificate - Function signs X509 certificate and returns signed X509 OpenSSL structure.
-/// \param endCertificate - Certificate that will be signed
-/// \param caCertificate - CA certificate that will sign end certificate
-/// \param caPrivateKey - CA certificate private key
-/// \param fileName - With that name certificate will be saved. Leave "", if don't need to save it
-/// \return Returns OpenSSL X509 structure or nullptr, if error happened.
-///
-X509* QSimpleCrypto::QX509::signCertificate(X509* endCertificate, X509* caCertificate, EVP_PKEY* caPrivateKey, const QByteArray& fileName)
-{
-    try {
-        /* Set issuer to CA's subject. */
-        if (!X509_set_issuer_name(endCertificate, X509_get_subject_name(caCertificate))) {
-            throw std::runtime_error("Couldn't set issuer name for X509. X509_set_issuer_name(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Sign the certificate with key. */
-        if (!X509_sign(endCertificate, caPrivateKey, EVP_sha256())) {
-            throw std::runtime_error("Couldn't sign X509. X509_sign(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Write certificate file on disk. If needed */
-        if (!fileName.isEmpty()) {
-            /* Initialize BIO */
-            std::unique_ptr<BIO, void (*)(BIO*)> certFile { BIO_new_file(fileName.data(), "w+"), BIO_free_all };
-            if (certFile == nullptr) {
-                throw std::runtime_error("Couldn't initialize certFile. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-            }
-
-            /* Write file on disk */
-            if (!PEM_write_bio_X509(certFile.get(), endCertificate)) {
-                throw std::runtime_error("Couldn't write certificate file on disk. PEM_write_bio_X509(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-            }
-        }
-
-        return endCertificate;
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QX509::error.setError(1, exception.what());
-        return nullptr;
-    } catch (...) {
-        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
-        return nullptr;
-    }
-}
-
-///
-/// \brief QSimpleCrypto::QX509::verifyCertificate - Function verifies X509 certificate and returns verified X509 OpenSSL structure.
-/// \param x509 - OpenSSL X509. That certificate will be verified.
-/// \param store - Trusted certificate must be added to X509_Store with 'addCertificateToStore(X509_STORE* ctx, X509* x509)'.
-/// \return Returns OpenSSL X509 structure or nullptr, if error happened
-///
-X509* QSimpleCrypto::QX509::verifyCertificate(X509* x509, X509_STORE* store)
-{
-    try {
-        /* Initialize X509_STORE_CTX */
-        std::unique_ptr<X509_STORE_CTX, void (*)(X509_STORE_CTX*)> ctx { X509_STORE_CTX_new(), X509_STORE_CTX_free };
-        if (ctx == nullptr) {
-            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set up CTX for a subsequent verification operation */
-        if (!X509_STORE_CTX_init(ctx.get(), store, x509, nullptr)) {
-            throw std::runtime_error("Couldn't initialize X509_STORE_CTX. X509_STORE_CTX_init(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Verify X509 */
-        if (!X509_verify_cert(ctx.get())) {
-            throw std::runtime_error("Couldn't verify cert. X509_verify_cert(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        return x509;
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QX509::error.setError(1, exception.what());
-        return nullptr;
-    } catch (...) {
-        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
-        return nullptr;
-    }
-}
-
-///
-/// \brief QSimpleCrypto::QX509::generateSelfSignedCertificate - Function generatesand returns  self signed X509.
-/// \param rsa - OpenSSL RSA.
-/// \param additionalData - Certificate information.
-/// \param certificateFileName - With that name certificate will be saved. Leave "", if don't need to save it.
-/// \param md - OpenSSL EVP_MD structure. Example: EVP_sha512().
-/// \param serialNumber - X509 certificate serial number.
-/// \param version - X509 certificate version.
-/// \param notBefore - X509 start date.
-/// \param notAfter - X509 end date.
-/// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
-///
-X509* QSimpleCrypto::QX509::generateSelfSignedCertificate(RSA* rsa, const QMap<QByteArray, QByteArray>& additionalData,
-    const QByteArray& certificateFileName, const EVP_MD* md,
-    const long& serialNumber, const long& version,
-    const long& notBefore, const long& notAfter)
-{
-    try {
-        /* Initialize X509 */
-        X509* x509 = nullptr;
-        if (!(x509 = X509_new())) {
-            throw std::runtime_error("Couldn't initialize X509. X509_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Initialize EVP_PKEY */
-        std::unique_ptr<EVP_PKEY, void (*)(EVP_PKEY*)> keyStore { EVP_PKEY_new(), EVP_PKEY_free };
-        if (keyStore == nullptr) {
-            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Sign rsa key */
-        if (!EVP_PKEY_assign_RSA(keyStore.get(), rsa)) {
-            throw std::runtime_error("Couldn't assign rsa. EVP_PKEY_assign_RSA(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set certificate serial number. */
-        if (!ASN1_INTEGER_set(X509_get_serialNumber(x509), serialNumber)) {
-            throw std::runtime_error("Couldn't set serial number. ASN1_INTEGER_set(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set certificate version */
-        if (!X509_set_version(x509, version)) {
-            throw std::runtime_error("Couldn't set version. X509_set_version(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Set certificate creation and expiration date */
-        X509_gmtime_adj(X509_get_notBefore(x509), notBefore);
-        X509_gmtime_adj(X509_get_notAfter(x509), notAfter);
-
-        /* Set certificate public key */
-        if (!X509_set_pubkey(x509, keyStore.get())) {
-            throw std::runtime_error("Couldn't set public key. X509_set_pubkey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Initialize X509_NAME */
-        X509_NAME* x509Name = X509_get_subject_name(x509);
-        if (x509Name == nullptr) {
-            throw std::runtime_error("Couldn't initialize X509_NAME. X509_NAME(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Add additional data to certificate */
-        QMapIterator<QByteArray, QByteArray> certificateInformationList(additionalData);
-        while (certificateInformationList.hasNext()) {
-            /* Read next item in list */
-            certificateInformationList.next();
-
-            /* Set additional data */
-            if (!X509_NAME_add_entry_by_txt(x509Name, certificateInformationList.key().data(), MBSTRING_UTF8, reinterpret_cast<const unsigned char*>(certificateInformationList.value().data()), -1, -1, 0)) {
-                throw std::runtime_error("Couldn't set additional information. X509_NAME_add_entry_by_txt(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-            }
-        }
-
-        /* Set certificate info */
-        if (!X509_set_issuer_name(x509, x509Name)) {
-            throw std::runtime_error("Couldn't set issuer name. X509_set_issuer_name(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Sign certificate */
-        if (!X509_sign(x509, keyStore.get(), md)) {
-            throw std::runtime_error("Couldn't sign X509. X509_sign(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        }
-
-        /* Write certificate file on disk. If needed */
-        if (!certificateFileName.isEmpty()) {
-            /* Initialize BIO */
-            std::unique_ptr<BIO, void (*)(BIO*)> certFile { BIO_new_file(certificateFileName.data(), "w+"), BIO_free_all };
-            if (certFile == nullptr) {
-                throw std::runtime_error("Couldn't initialize certFile. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-            }
-
-            /* Write file on disk */
-            if (!PEM_write_bio_X509(certFile.get(), x509)) {
-                throw std::runtime_error("Couldn't write certificate file on disk. PEM_write_bio_X509(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-            }
-        }
-
-        return x509;
-    } catch (std::exception& exception) {
-        QSimpleCrypto::QX509::error.setError(1, exception.what());
-        return nullptr;
-    } catch (...) {
-        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
-        return nullptr;
-    }
-}

client/3rd/QSimpleCrypto/sources/QX509Store.cpp

@@ -1,176 +0,0 @@
-/**
- * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution
-**/
-
-#include "include/QX509Store.h"
-
-QSimpleCrypto::QX509Store::QX509Store()
-{
-}
-
-///
-/// \brief QSimpleCrypto::QX509::addCertificateToStore
-/// \param store - OpenSSL X509_STORE.
-/// \param x509 - OpenSSL X509.
-/// \return Returns 'true' on success and 'false', if error happened.
-///
-bool QSimpleCrypto::QX509Store::addCertificateToStore(X509_STORE* store, X509* x509)
-{
-    if (!X509_STORE_add_cert(store, x509)) {
-        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't add certificate to X509_STORE. X509_STORE_add_cert(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        return false;
-    }
-
-    return true;
-}
-
-///
-/// \brief QSimpleCrypto::QX509Store::addLookup
-/// \param store - OpenSSL X509_STORE.
-/// \param method - OpenSSL X509_LOOKUP_METHOD. Example: X509_LOOKUP_file.
-/// \return Returns 'true' on success and 'false', if error happened.
-///
-bool QSimpleCrypto::QX509Store::addLookup(X509_STORE* store, X509_LOOKUP_METHOD* method)
-{
-    if (!X509_STORE_add_lookup(store, method)) {
-        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't add lookup to X509_STORE. X509_STORE_add_lookup(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        return false;
-    }
-
-    return true;
-}
-
-///
-/// \brief QSimpleCrypto::QX509Store::setCertificateDepth
-/// \param store - OpenSSL X509_STORE.
-/// \param depth - That is the maximum number of untrusted CA certificates that can appear in a chain. Example: 0.
-/// \return Returns 'true' on success and 'false', if error happened.
-///
-bool QSimpleCrypto::QX509Store::setDepth(X509_STORE* store, const int& depth)
-{
-    if (!X509_STORE_set_depth(store, depth)) {
-        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set depth for X509_STORE. X509_STORE_set_depth(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        return false;
-    }
-
-    return true;
-}
-
-///
-/// \brief QSimpleCrypto::QX509Store::setFlag
-/// \param store - OpenSSL X509_STORE.
-/// \param flag - The verification flags consists of zero or more of the following flags ored together. Example: X509_V_FLAG_CRL_CHECK.
-/// \return Returns 'true' on success and 'false', if error happened.
-///
-bool QSimpleCrypto::QX509Store::setFlag(X509_STORE* store, const unsigned long& flag)
-{
-    if (!X509_STORE_set_flags(store, flag)) {
-        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set flag for X509_STORE. X509_STORE_set_flags(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        return false;
-    }
-
-    return true;
-}
-
-///
-/// \brief QSimpleCrypto::QX509Store::setFlag
-/// \param store - OpenSSL X509_STORE.
-/// \param purpose - Verification purpose in param to purpose. Example: X509_PURPOSE_ANY.
-/// \return Returns 'true' on success and 'false', if error happened.
-///
-bool QSimpleCrypto::QX509Store::setPurpose(X509_STORE* store, const int& purpose)
-{
-    if (!X509_STORE_set_purpose(store, purpose)) {
-        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set purpose for X509_STORE. X509_STORE_set_purpose(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        return false;
-    }
-
-    return true;
-}
-
-///
-/// \brief QSimpleCrypto::QX509Store::setTrust
-/// \param store - OpenSSL X509_STORE.
-/// \param trust - Trust Level. Example: X509_TRUST_SSL_SERVER.
-/// \return Returns 'true' on success and 'false', if error happened.
-///
-bool QSimpleCrypto::QX509Store::setTrust(X509_STORE* store, const int& trust)
-{
-    if (!X509_STORE_set_trust(store, trust)) {
-        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set trust for X509_STORE. X509_STORE_set_trust(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        return false;
-    }
-
-    return true;
-}
-
-///
-/// \brief QSimpleCrypto::QX509Store::setDefaultPaths
-/// \param store - OpenSSL X509_STORE.
-/// \return Returns 'true' on success and 'false', if error happened.
-///
-bool QSimpleCrypto::QX509Store::setDefaultPaths(X509_STORE* store)
-{
-    if (!X509_STORE_set_default_paths(store)) {
-        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set default paths for X509_STORE. X509_STORE_set_default_paths(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        return false;
-    }
-
-    return true;
-}
-
-///
-/// \brief QSimpleCrypto::QX509Store::loadLocations
-/// \param store - OpenSSL X509_STORE.
-/// \param fileName - File name. Example: "caCertificate.pem".
-/// \param dirPath - Path to file. Example: "path/To/File".
-/// \return Returns 'true' on success and 'false', if error happened.
-///
-bool QSimpleCrypto::QX509Store::loadLocations(X509_STORE* store, const QByteArray& fileName, const QByteArray& dirPath)
-{
-    if (!X509_STORE_load_locations(store, fileName, dirPath)) {
-        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't load locations for X509_STORE. X509_STORE_load_locations(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        return false;
-    }
-
-    return true;
-}
-
-///
-/// \brief QSimpleCrypto::QX509Store::loadLocations
-/// \param store - OpenSSL X509_STORE.
-/// \param file - Qt QFile that will be loaded.
-/// \return Returns 'true' on success and 'false', if error happened.
-///
-bool QSimpleCrypto::QX509Store::loadLocations(X509_STORE* store, const QFile& file)
-{
-    /* Initialize QFileInfo to read information about file */
-    QFileInfo info(file);
-
-    if (!X509_STORE_load_locations(store, info.fileName().toLocal8Bit(), info.absoluteDir().path().toLocal8Bit())) {
-        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't load locations for X509_STORE. X509_STORE_load_locations(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        return false;
-    }
-
-    return true;
-}
-
-///
-/// \brief QSimpleCrypto::QX509Store::loadLocations
-/// \param store - OpenSSL X509_STORE.
-/// \param fileInfo - Qt QFileInfo.
-/// \return Returns 'true' on success and 'false', if error happened.
-///
-bool QSimpleCrypto::QX509Store::loadLocations(X509_STORE* store, const QFileInfo& fileInfo)
-{
-    if (!X509_STORE_load_locations(store, fileInfo.fileName().toLocal8Bit(), fileInfo.absoluteDir().path().toLocal8Bit())) {
-        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't load locations for X509_STORE. X509_STORE_load_locations(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
-        return false;
-    }
-
-    return true;
-}

client/CMakeLists.txt

@@ -24,6 +24,12 @@ execute_process(
 
 add_definitions(-DGIT_COMMIT_HASH="${GIT_COMMIT_HASH}")
 
+add_definitions(-DPROD_AGW_PUBLIC_KEY="$ENV{PROD_AGW_PUBLIC_KEY}")
+add_definitions(-DPROD_PROXY_STORAGE_KEY="$ENV{PROD_PROXY_STORAGE_KEY}")
+
+add_definitions(-DDEV_AGW_PUBLIC_KEY="$ENV{DEV_AGW_PUBLIC_KEY}")
+add_definitions(-DDEV_AGW_ENDPOINT="$ENV{DEV_AGW_ENDPOINT}")
+
 if(IOS)
     set(PACKAGES ${PACKAGES} Multimedia)
 endif()
@@ -34,7 +40,7 @@ endif()
 
 find_package(Qt6 REQUIRED COMPONENTS ${PACKAGES})
 
-set(LIBS ${LIBS} 
+set(LIBS ${LIBS}
     Qt6::Core Qt6::Gui
     Qt6::Network Qt6::Xml Qt6::RemoteObjects
     Qt6::Quick Qt6::Svg Qt6::QuickControls2
@@ -107,6 +113,7 @@ include(${CMAKE_CURRENT_LIST_DIR}/cmake/3rdparty.cmake)
 
 include_directories(
     ${CMAKE_CURRENT_LIST_DIR}/../ipc
+    ${CMAKE_CURRENT_LIST_DIR}/../common/logger
     ${CMAKE_CURRENT_LIST_DIR}
     ${CMAKE_CURRENT_BINARY_DIR}
 )
@@ -128,12 +135,15 @@ set(HEADERS ${HEADERS}
     ${CMAKE_CURRENT_LIST_DIR}/protocols/protocols_defs.h
     ${CMAKE_CURRENT_LIST_DIR}/protocols/qml_register_protocols.h
     ${CMAKE_CURRENT_LIST_DIR}/ui/pages.h
-    ${CMAKE_CURRENT_LIST_DIR}/ui/property_helper.h
     ${CMAKE_CURRENT_LIST_DIR}/ui/qautostart.h
     ${CMAKE_CURRENT_LIST_DIR}/protocols/vpnprotocol.h
     ${CMAKE_CURRENT_BINARY_DIR}/version.h
     ${CMAKE_CURRENT_LIST_DIR}/core/sshclient.h
     ${CMAKE_CURRENT_LIST_DIR}/core/networkUtilities.h
+    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/serialization.h
+    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/transfer.h
+    ${CMAKE_CURRENT_LIST_DIR}/core/enums/apiEnums.h
+    ${CMAKE_CURRENT_LIST_DIR}/../common/logger/logger.h
 )
 
 # Mozilla headres
@@ -151,7 +161,6 @@ include_directories(mozilla/models)
 
 if(NOT IOS)
     set(HEADERS ${HEADERS}
-        ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/MobileUtils.h
         ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/QRCodeReaderBase.h
     )
 endif()
@@ -177,6 +186,15 @@ set(SOURCES ${SOURCES}
     ${CMAKE_CURRENT_LIST_DIR}/protocols/vpnprotocol.cpp
     ${CMAKE_CURRENT_LIST_DIR}/core/sshclient.cpp
     ${CMAKE_CURRENT_LIST_DIR}/core/networkUtilities.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/outbound.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/inbound.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/ss.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/ssd.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/vless.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/trojan.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/vmess.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/core/serialization/vmess_new.cpp
+    ${CMAKE_CURRENT_LIST_DIR}/../common/logger/logger.cpp
 )
 
 # Mozilla sources
@@ -193,7 +211,6 @@ endif()
 
 if(NOT IOS)
     set(SOURCES ${SOURCES}
-        ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/MobileUtils.cpp
         ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/QRCodeReaderBase.cpp
     )
 endif()
@@ -244,7 +261,7 @@ set(SOURCES ${SOURCES}
 
 if(WIN32)
     configure_file(
-        ${CMAKE_CURRENT_LIST_DIR}/platforms/windows/amneziavpn.rc.in 
+        ${CMAKE_CURRENT_LIST_DIR}/platforms/windows/amneziavpn.rc.in
         ${CMAKE_CURRENT_BINARY_DIR}/amneziavpn.rc
     )
 

client/amnezia_application.cpp

@@ -3,13 +3,13 @@
 #include <QClipboard>
 #include <QFontDatabase>
 #include <QMimeData>
+#include <QQuickItem>
 #include <QQuickStyle>
 #include <QResource>
 #include <QStandardPaths>
 #include <QTextDocument>
 #include <QTimer>
 #include <QTranslator>
-#include <QQuickItem>
 
 #include "logger.h"
 #include "ui/models/installedAppsModel.h"
@@ -55,6 +55,7 @@ AmneziaApplication::AmneziaApplication(int &argc, char *argv[], bool allowSecond
 #endif
 
     m_settings = std::shared_ptr<Settings>(new Settings);
+    m_nam = new QNetworkAccessManager(this);
 }
 
 AmneziaApplication::~AmneziaApplication()
@@ -115,7 +116,7 @@ void AmneziaApplication::init()
     }
 
     connect(AndroidController::instance(), &AndroidController::importConfigFromOutside, [this](QString data) {
-        m_pageController->replaceStartPage();
+        m_pageController->goToPageHome();
         m_importController->extractConfigFromData(data);
         m_pageController->goToPageViewConfig();
     });
@@ -126,13 +127,13 @@ void AmneziaApplication::init()
 #ifdef Q_OS_IOS
     IosController::Instance()->initialize();
     connect(IosController::Instance(), &IosController::importConfigFromOutside, [this](QString data) {
-        m_pageController->replaceStartPage();
+        m_pageController->goToPageHome();
         m_importController->extractConfigFromData(data);
         m_pageController->goToPageViewConfig();
     });
 
     connect(IosController::Instance(), &IosController::importBackupFromOutside, [this](QString filePath) {
-        m_pageController->replaceStartPage();
+        m_pageController->goToPageHome();
         m_pageController->goToPageSettingsBackup();
         m_settingsController->importBackupFromOutside(filePath);
     });
@@ -150,22 +151,25 @@ void AmneziaApplication::init()
 
     connect(m_notificationHandler.get(), &NotificationHandler::raiseRequested, m_pageController.get(), &PageController::raiseMainWindow);
     connect(m_notificationHandler.get(), &NotificationHandler::connectRequested, m_connectionController.get(),
-            &ConnectionController::openConnection);
+            static_cast<void (ConnectionController::*)()>(&ConnectionController::openConnection));
     connect(m_notificationHandler.get(), &NotificationHandler::disconnectRequested, m_connectionController.get(),
             &ConnectionController::closeConnection);
     connect(this, &AmneziaApplication::translationsUpdated, m_notificationHandler.get(), &NotificationHandler::onTranslationsUpdated);
 #endif
 
+    m_engine->addImportPath("qrc:/ui/qml/Modules/");
     m_engine->load(url);
     m_systemController->setQmlRoot(m_engine->rootObjects().value(0));
 
+    bool enabled = m_settings->isSaveLogs();
 #ifndef Q_OS_ANDROID
-    if (m_settings->isSaveLogs()) {
-        if (!Logger::init()) {
+    if (enabled) {
+        if (!Logger::init(false)) {
             qWarning() << "Initialization of debug subsystem failed";
         }
     }
 #endif
+    Logger::setServiceLogsEnabled(enabled);
 
 #ifdef Q_OS_WIN
     if (m_parser.isSet("a"))
@@ -350,10 +354,25 @@ void AmneziaApplication::initModels()
     m_sftpConfigModel.reset(new SftpConfigModel(this));
     m_engine->rootContext()->setContextProperty("SftpConfigModel", m_sftpConfigModel.get());
 
+    m_socks5ConfigModel.reset(new Socks5ProxyConfigModel(this));
+    m_engine->rootContext()->setContextProperty("Socks5ProxyConfigModel", m_socks5ConfigModel.get());
+
     m_clientManagementModel.reset(new ClientManagementModel(m_settings, this));
     m_engine->rootContext()->setContextProperty("ClientManagementModel", m_clientManagementModel.get());
     connect(m_clientManagementModel.get(), &ClientManagementModel::adminConfigRevoked, m_serversModel.get(),
             &ServersModel::clearCachedProfile);
+
+    m_apiServicesModel.reset(new ApiServicesModel(this));
+    m_engine->rootContext()->setContextProperty("ApiServicesModel", m_apiServicesModel.get());
+
+    m_apiCountryModel.reset(new ApiCountryModel(this));
+    m_engine->rootContext()->setContextProperty("ApiCountryModel", m_apiCountryModel.get());
+    connect(m_serversModel.get(), &ServersModel::updateApiLanguageModel, this, [this]() {
+        m_apiCountryModel->updateModel(m_serversModel->getProcessedServerData("apiAvailableCountries").toJsonArray(),
+                                       m_serversModel->getProcessedServerData("apiServerCountryCode").toString());
+    });
+    connect(m_serversModel.get(), &ServersModel::updateApiServicesModel, this,
+            [this]() { m_apiServicesModel->updateModel(m_serversModel->getProcessedServerData("apiConfig").toJsonObject()); });
 }
 
 void AmneziaApplication::initControllers()
@@ -362,19 +381,26 @@ void AmneziaApplication::initControllers()
             new ConnectionController(m_serversModel, m_containersModel, m_clientManagementModel, m_vpnConnection, m_settings));
     m_engine->rootContext()->setContextProperty("ConnectionController", m_connectionController.get());
 
-    connect(m_connectionController.get(), &ConnectionController::connectionErrorOccurred, this, [this](const QString &errorMessage) {
-        emit m_pageController->showErrorMessage(errorMessage);
-        emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected);
-    });
+    connect(m_connectionController.get(), qOverload<const QString &>(&ConnectionController::connectionErrorOccurred), this,
+            [this](const QString &errorMessage) {
+                emit m_pageController->showErrorMessage(errorMessage);
+                emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected);
+            });
+
+    connect(m_connectionController.get(), qOverload<ErrorCode>(&ConnectionController::connectionErrorOccurred), this,
+            [this](ErrorCode errorCode) {
+                emit m_pageController->showErrorMessage(errorCode);
+                emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected);
+            });
+
     connect(m_connectionController.get(), &ConnectionController::connectButtonClicked, m_connectionController.get(),
             &ConnectionController::toggleConnection, Qt::QueuedConnection);
 
-    connect(this, &AmneziaApplication::translationsUpdated, m_connectionController.get(), &ConnectionController::onTranslationsUpdated);
-
     m_pageController.reset(new PageController(m_serversModel, m_settings));
     m_engine->rootContext()->setContextProperty("PageController", m_pageController.get());
 
-    m_installController.reset(new InstallController(m_serversModel, m_containersModel, m_protocolsModel, m_clientManagementModel, m_settings));
+    m_installController.reset(new InstallController(m_serversModel, m_containersModel, m_protocolsModel, m_clientManagementModel,
+                                                    m_apiServicesModel, m_settings));
     m_engine->rootContext()->setContextProperty("InstallController", m_installController.get());
     connect(m_installController.get(), &InstallController::passphraseRequestStarted, m_pageController.get(),
             &PageController::showPassphraseRequestDrawer);
@@ -383,6 +409,30 @@ void AmneziaApplication::initControllers()
     connect(m_installController.get(), &InstallController::currentContainerUpdated, m_connectionController.get(),
             &ConnectionController::onCurrentContainerUpdated);
 
+    connect(m_installController.get(), &InstallController::updateServerFromApiFinished, this, [this]() {
+        disconnect(m_reloadConfigErrorOccurredConnection);
+        emit m_connectionController->configFromApiUpdated();
+    });
+
+    connect(m_connectionController.get(), &ConnectionController::updateApiConfigFromGateway, this, [this]() {
+        m_reloadConfigErrorOccurredConnection = connect(
+                m_installController.get(), qOverload<ErrorCode>(&InstallController::installationErrorOccurred), this,
+                [this]() { emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); },
+                static_cast<Qt::ConnectionType>(Qt::AutoConnection || Qt::SingleShotConnection));
+        m_installController->updateServiceFromApi(m_serversModel->getDefaultServerIndex(), "", "");
+    });
+
+    connect(m_connectionController.get(), &ConnectionController::updateApiConfigFromTelegram, this, [this]() {
+        m_reloadConfigErrorOccurredConnection = connect(
+                m_installController.get(), qOverload<ErrorCode>(&InstallController::installationErrorOccurred), this,
+                [this]() { emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected); },
+                static_cast<Qt::ConnectionType>(Qt::AutoConnection || Qt::SingleShotConnection));
+        m_serversModel->removeApiConfig(m_serversModel->getDefaultServerIndex());
+        m_installController->updateServiceFromTelegram(m_serversModel->getDefaultServerIndex());
+    });
+
+    connect(this, &AmneziaApplication::translationsUpdated, m_connectionController.get(), &ConnectionController::onTranslationsUpdated);
+
     m_importController.reset(new ImportController(m_serversModel, m_containersModel, m_settings));
     m_engine->rootContext()->setContextProperty("ImportController", m_importController.get());
 

client/amnezia_application.h

@@ -2,6 +2,7 @@
 #define AMNEZIA_APPLICATION_H
 
 #include <QCommandLineParser>
+#include <QNetworkAccessManager>
 #include <QQmlApplicationEngine>
 #include <QQmlContext>
 #include <QThread>
@@ -40,9 +41,12 @@
 #include "ui/models/protocols_model.h"
 #include "ui/models/servers_model.h"
 #include "ui/models/services/sftpConfigModel.h"
+#include "ui/models/services/socks5ProxyConfigModel.h"
 #include "ui/models/sites_model.h"
 #include "ui/models/clientManagementModel.h"
 #include "ui/models/appSplitTunnelingModel.h"
+#include "ui/models/apiServicesModel.h"
+#include "ui/models/apiCountryModel.h"
 
 #define amnApp (static_cast<AmneziaApplication *>(QCoreApplication::instance()))
 
@@ -75,6 +79,7 @@ public:
     bool parseCommands();
 
     QQmlApplicationEngine *qmlEngine() const;
+    QNetworkAccessManager *manager() { return m_nam; }
 
 signals:
     void translationsUpdated();
@@ -100,6 +105,8 @@ private:
     QSharedPointer<SitesModel> m_sitesModel;
     QSharedPointer<AppSplitTunnelingModel> m_appSplitTunnelingModel;
     QSharedPointer<ClientManagementModel> m_clientManagementModel;
+    QSharedPointer<ApiServicesModel> m_apiServicesModel;
+    QSharedPointer<ApiCountryModel> m_apiCountryModel;
 
     QScopedPointer<OpenVpnConfigModel> m_openVpnConfigModel;
     QScopedPointer<ShadowSocksConfigModel> m_shadowSocksConfigModel;
@@ -112,6 +119,7 @@ private:
 #endif
 
     QScopedPointer<SftpConfigModel> m_sftpConfigModel;
+    QScopedPointer<Socks5ProxyConfigModel> m_socks5ConfigModel;
 
     QSharedPointer<VpnConnection> m_vpnConnection;
     QThread m_vpnConnectionThread;
@@ -128,6 +136,10 @@ private:
     QScopedPointer<SitesController> m_sitesController;
     QScopedPointer<SystemController> m_systemController;
     QScopedPointer<AppSplitTunnelingController> m_appSplitTunnelingController;
+
+    QNetworkAccessManager *m_nam;
+
+    QMetaObject::Connection m_reloadConfigErrorOccurredConnection;
 };
 
 #endif // AMNEZIA_APPLICATION_H

client/android/AndroidManifest.xml

@@ -3,7 +3,6 @@
 <manifest
     xmlns:android="http://schemas.android.com/apk/res/android"
     xmlns:tools="http://schemas.android.com/tools"
-    package="org.amnezia.vpn"
     android:versionName="-- %%INSERT_VERSION_NAME%% --"
     android:versionCode="-- %%INSERT_VERSION_CODE%% --"
     android:installLocation="auto">
@@ -11,6 +10,9 @@
     <uses-feature android:name="android.hardware.camera" android:required="false" />
     <uses-feature android:name="android.hardware.camera.any" android:required="false" />
     <uses-feature android:name="android.hardware.camera.autofocus" android:required="false" />
+    <!-- for TV -->
+    <uses-feature android:name="android.software.leanback" android:required="false" />
+    <uses-feature android:name="android.hardware.touchscreen" android:required="false" />
 
     <!-- The following comment will be replaced upon deployment with default features based on the dependencies
     of the application. Remove the comment if you do not require these default features. -->
@@ -31,9 +33,11 @@
         android:label="-- %%INSERT_APP_NAME%% --"
         android:icon="@mipmap/icon"
         android:roundIcon="@mipmap/icon_round"
+        android:banner="@mipmap/ic_banner"
         android:theme="@style/NoActionBar"
         android:fullBackupContent="@xml/backup_content"
         android:dataExtractionRules="@xml/data_extraction_rules"
+        android:hasFragileUserData="false"
         tools:targetApi="s">
 
         <activity
@@ -41,12 +45,13 @@
             android:configChanges="uiMode|screenSize|smallestScreenSize|screenLayout|orientation|density
                 |fontScale|layoutDirection|locale|keyboard|keyboardHidden|navigation|mcc|mnc"
             android:launchMode="singleInstance"
-            android:windowSoftInputMode="adjustResize"
+            android:windowSoftInputMode="stateUnchanged|adjustResize"
             android:exported="true">
 
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
                 <category android:name="android.intent.category.LAUNCHER" />
+                <category android:name="android.intent.category.LEANBACK_LAUNCHER" />
             </intent-filter>
 
             <intent-filter>
@@ -62,9 +67,6 @@
                 android:name="android.app.lib_name"
                 android:value="-- %%INSERT_APP_LIB_NAME%% --" />
 
-            <meta-data
-                android:name="android.app.extract_android_style"
-                android:value="minimal" />
         </activity>
 
         <activity
@@ -82,6 +84,13 @@
             android:exported="false"
             android:theme="@style/Translucent" />
 
+        <activity android:name=".AuthActivity"
+            android:excludeFromRecents="true"
+            android:launchMode="singleTask"
+            android:taskAffinity=""
+            android:exported="false"
+            android:theme="@style/Translucent" />
+
         <activity
             android:name=".ImportConfigActivity"
             android:excludeFromRecents="true"
@@ -136,8 +145,34 @@
         </activity>
 
         <service
-            android:name=".AmneziaVpnService"
-            android:process=":amneziaVpnService"
+            android:name=".AwgService"
+            android:process=":amneziaAwgService"
+            android:permission="android.permission.BIND_VPN_SERVICE"
+            android:foregroundServiceType="systemExempted"
+            android:exported="false"
+            tools:ignore="ForegroundServicePermission">
+
+            <intent-filter>
+                <action android:name="android.net.VpnService" />
+            </intent-filter>
+        </service>
+
+        <service
+            android:name=".OpenVpnService"
+            android:process=":amneziaOpenVpnService"
+            android:permission="android.permission.BIND_VPN_SERVICE"
+            android:foregroundServiceType="systemExempted"
+            android:exported="false"
+            tools:ignore="ForegroundServicePermission">
+
+            <intent-filter>
+                <action android:name="android.net.VpnService" />
+            </intent-filter>
+        </service>
+
+        <service
+            android:name=".XrayService"
+            android:process=":amneziaXrayService"
             android:permission="android.permission.BIND_VPN_SERVICE"
             android:foregroundServiceType="systemExempted"
             android:exported="false"

client/android/awg/src/main/kotlin/Awg.kt

@@ -1,81 +1,28 @@
 package org.amnezia.vpn.protocol.awg
 
 import org.amnezia.vpn.protocol.wireguard.Wireguard
+import org.amnezia.vpn.util.optStringOrNull
 import org.json.JSONObject
 
-/**
- *    Config example:
- *    {
- *        "protocol": "awg",
- *        "description": "Server 1",
- *        "dns1": "1.1.1.1",
- *        "dns2": "1.0.0.1",
- *        "hostName": "100.100.100.0",
- *        "splitTunnelSites": [
- *        ],
- *        "splitTunnelType": 0,
- *        "awg_config_data": {
- *            "H1": "969537490",
- *            "H2": "481688153",
- *            "H3": "2049399200",
- *            "H4": "52029755",
- *            "Jc": "3",
- *            "Jmax": "1000",
- *            "Jmin": "50",
- *            "S1": "49",
- *            "S2": "60",
- *            "client_ip": "10.8.1.1",
- *            "hostName": "100.100.100.0",
- *            "port": 12345,
- *            "client_pub_key": "clientPublicKeyBase64",
- *            "client_priv_key": "privateKeyBase64",
- *            "psk_key": "presharedKeyBase64",
- *            "server_pub_key": "publicKeyBase64",
- *            "config": "[Interface]
- *                       Address = 10.8.1.1/32
- *                       DNS = 1.1.1.1, 1.0.0.1
- *                       PrivateKey = privateKeyBase64
- *                       Jc = 3
- *                       Jmin = 50
- *                       Jmax = 1000
- *                       S1 = 49
- *                       S2 = 60
- *                       H1 = 969537490
- *                       H2 = 481688153
- *                       H3 = 2049399200
- *                       H4 = 52029755
- *
- *                       [Peer]
- *                       PublicKey = publicKeyBase64
- *                       PresharedKey = presharedKeyBase64
- *                       AllowedIPs = 0.0.0.0/0, ::/0
- *                       Endpoint = 100.100.100.0:12345
- *                       PersistentKeepalive = 25
- *                       "
- *        }
- *    }
- */
-
 class Awg : Wireguard() {
 
     override val ifName: String = "awg0"
 
     override fun parseConfig(config: JSONObject): AwgConfig {
-        val configDataJson = config.getJSONObject("awg_config_data")
-        val configData = parseConfigData(configDataJson.getString("config"))
+        val configData = config.getJSONObject("awg_config_data")
         return AwgConfig.build {
-            configWireguard(configData, configDataJson)
+            configWireguard(config, configData)
             configSplitTunneling(config)
             configAppSplitTunneling(config)
-            configData["Jc"]?.let { setJc(it.toInt()) }
-            configData["Jmin"]?.let { setJmin(it.toInt()) }
-            configData["Jmax"]?.let { setJmax(it.toInt()) }
-            configData["S1"]?.let { setS1(it.toInt()) }
-            configData["S2"]?.let { setS2(it.toInt()) }
-            configData["H1"]?.let { setH1(it.toLong()) }
-            configData["H2"]?.let { setH2(it.toLong()) }
-            configData["H3"]?.let { setH3(it.toLong()) }
-            configData["H4"]?.let { setH4(it.toLong()) }
+            configData.optStringOrNull("Jc")?.let { setJc(it.toInt()) }
+            configData.optStringOrNull("Jmin")?.let { setJmin(it.toInt()) }
+            configData.optStringOrNull("Jmax")?.let { setJmax(it.toInt()) }
+            configData.optStringOrNull("S1")?.let { setS1(it.toInt()) }
+            configData.optStringOrNull("S2")?.let { setS2(it.toInt()) }
+            configData.optStringOrNull("H1")?.let { setH1(it.toLong()) }
+            configData.optStringOrNull("H2")?.let { setH2(it.toLong()) }
+            configData.optStringOrNull("H3")?.let { setH3(it.toLong()) }
+            configData.optStringOrNull("H4")?.let { setH4(it.toLong()) }
         }
     }
 }

client/android/build.gradle

@@ -3,3 +3,6 @@
 // android.bundle.enableUncompressedNativeLibs is deprecated
 // disable adding gradle property android.bundle.enableUncompressedNativeLibs by androiddeployqt
 useLegacyPackaging
+
+// package name for androiddeployqt
+namespace = "org.amnezia.vpn"

client/android/build.gradle.kts

@@ -3,6 +3,7 @@ import com.android.build.gradle.internal.api.BaseVariantOutputImpl
 plugins {
     alias(libs.plugins.android.application)
     alias(libs.plugins.kotlin.android)
+    alias(libs.plugins.kotlin.serialization)
     id("property-delegate")
 }
 
@@ -68,6 +69,12 @@ android {
             }
             signingConfig = signingConfigs["release"]
         }
+
+        create("fdroid") {
+            initWith(getByName("release"))
+            signingConfig = null
+            matchingFallbacks += "release"
+        }
     }
 
     splits {
@@ -98,7 +105,6 @@ android {
 }
 
 dependencies {
-    implementation(fileTree(mapOf("dir" to "libs", "include" to listOf("*.jar", "*.aar"))))
     implementation(project(":qt"))
     implementation(project(":utils"))
     implementation(project(":protocolApi"))
@@ -106,10 +112,14 @@ dependencies {
     implementation(project(":awg"))
     implementation(project(":openvpn"))
     implementation(project(":cloak"))
+    implementation(project(":xray"))
     implementation(libs.androidx.core)
     implementation(libs.androidx.activity)
+    implementation(libs.androidx.fragment)
     implementation(libs.kotlinx.coroutines)
+    implementation(libs.kotlinx.serialization.protobuf)
     implementation(libs.bundles.androidx.camera)
     implementation(libs.google.mlkit)
     implementation(libs.androidx.datastore)
+    implementation(libs.androidx.biometric)
 }

client/android/cloak/src/main/kotlin/Cloak.kt

@@ -5,36 +5,6 @@ import net.openvpn.ovpn3.ClientAPI_Config
 import org.amnezia.vpn.protocol.openvpn.OpenVpn
 import org.json.JSONObject
 
-/**
- *    Config Example:
- *    {
- *     "protocol": "cloak",
- *     "description": "Server 1",
- *     "dns1": "1.1.1.1",
- *     "dns2": "1.0.0.1",
- *     "hostName": "100.100.100.0",
- *     "splitTunnelSites": [
- *     ],
- *     "splitTunnelType": 0,
- *     "openvpn_config_data": {
- *           "config": "openVpnConfig"
- *     }
- *     "cloak_config_data": {
- *          "BrowserSig": "chrome",
- *          "EncryptionMethod": "aes-gcm",
- *          "NumConn": 1,
- *          "ProxyMethod": "openvpn",
- *          "PublicKey": "PublicKey=",
- *          "RemoteHost": "100.100.100.0",
- *          "RemotePort": "443",
- *          "ServerName": "servername",
- *          "StreamTimeout": 300,
- *          "Transport": "direct",
- *          "UID": "UID="
- *     }
- * }
- */
-
 class Cloak : OpenVpn() {
 
     override fun parseConfig(config: JSONObject): ClientAPI_Config {

client/android/gradle/libs.versions.toml

@@ -1,26 +1,32 @@
 [versions]
-agp = "8.2.0"
-kotlin = "1.9.20"
-androidx-core = "1.12.0"
-androidx-activity = "1.8.1"
-androidx-annotation = "1.7.0"
-androidx-camera = "1.3.0"
+agp = "8.5.2"
+kotlin = "1.9.24"
+androidx-core = "1.13.1"
+androidx-activity = "1.9.1"
+androidx-annotation = "1.8.2"
+androidx-biometric = "1.2.0-alpha05"
+androidx-camera = "1.3.4"
+androidx-fragment = "1.8.2"
 androidx-security-crypto = "1.1.0-alpha06"
-androidx-datastore = "1.1.0-beta01"
-kotlinx-coroutines = "1.7.3"
-google-mlkit = "17.2.0"
+androidx-datastore = "1.1.1"
+kotlinx-coroutines = "1.8.1"
+kotlinx-serialization = "1.6.3"
+google-mlkit = "17.3.0"
 
 [libraries]
 androidx-core = { module = "androidx.core:core-ktx", version.ref = "androidx-core" }
 androidx-activity = { module = "androidx.activity:activity-ktx", version.ref = "androidx-activity" }
 androidx-annotation = { module = "androidx.annotation:annotation", version.ref = "androidx-annotation" }
+androidx-biometric = { module = "androidx.biometric:biometric-ktx", version.ref = "androidx-biometric" }
 androidx-camera-core = { module = "androidx.camera:camera-core", version.ref = "androidx-camera" }
 androidx-camera-camera2 = { module = "androidx.camera:camera-camera2", version.ref = "androidx-camera" }
 androidx-camera-lifecycle = { module = "androidx.camera:camera-lifecycle", version.ref = "androidx-camera" }
 androidx-camera-view = { module = "androidx.camera:camera-view", version.ref = "androidx-camera" }
+androidx-fragment = { module = "androidx.fragment:fragment-ktx", version.ref = "androidx-fragment" }
 androidx-security-crypto = { module = "androidx.security:security-crypto-ktx", version.ref = "androidx-security-crypto" }
 androidx-datastore = { module = "androidx.datastore:datastore-preferences", version.ref = "androidx-datastore" }
 kotlinx-coroutines = { module = "org.jetbrains.kotlinx:kotlinx-coroutines-android", version.ref = "kotlinx-coroutines" }
+kotlinx-serialization-protobuf = { module = "org.jetbrains.kotlinx:kotlinx-serialization-protobuf", version.ref = "kotlinx-serialization" }
 google-mlkit = { module = "com.google.mlkit:barcode-scanning", version.ref = "google-mlkit" }
 
 [bundles]
@@ -35,3 +41,4 @@ androidx-camera = [
 android-application = { id = "com.android.application", version.ref = "agp" }
 android-library = { id = "com.android.library", version.ref = "agp" }
 kotlin-android = { id = "org.jetbrains.kotlin.android", version.ref = "kotlin" }
+kotlin-serialization = { id = "org.jetbrains.kotlin.plugin.serialization", version.ref = "kotlin"}

client/android/gradle/wrapper/gradle-wrapper.properties

@@ -1,7 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-bin.zip
-networkTimeout=10000
-validateDistributionUrl=true
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.10-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

client/android/gradlew

@@ -15,6 +15,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
+# SPDX-License-Identifier: Apache-2.0
+#
 
 ##############################################################################
 #
@@ -55,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -84,7 +86,8 @@ done
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
 # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
+' "$PWD" ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum

client/android/gradlew.bat

@@ -13,6 +13,8 @@
 @rem See the License for the specific language governing permissions and
 @rem limitations under the License.
 @rem
+@rem SPDX-License-Identifier: Apache-2.0
+@rem
 
 @if "%DEBUG%"=="" @echo off
 @rem ##########################################################################
@@ -43,11 +45,11 @@ set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
 if %ERRORLEVEL% equ 0 goto execute
 
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
+echo. 1>&2
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
 
 goto fail
 
@@ -57,11 +59,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe
 
 if exist "%JAVA_EXE%" goto execute
 
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
+echo. 1>&2
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
+echo. 1>&2
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
+echo location of your Java installation. 1>&2
 
 goto fail
 

client/android/openvpn/src/main/kotlin/org/amnezia/vpn/protocol/openvpn/OpenVpn.kt

@@ -1,15 +1,13 @@
 package org.amnezia.vpn.protocol.openvpn
 
-import android.content.Context
 import android.net.VpnService.Builder
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
-import kotlinx.coroutines.flow.MutableStateFlow
+import kotlinx.coroutines.cancel
 import kotlinx.coroutines.launch
 import net.openvpn.ovpn3.ClientAPI_Config
 import org.amnezia.vpn.protocol.BadConfigException
 import org.amnezia.vpn.protocol.Protocol
-import org.amnezia.vpn.protocol.ProtocolState
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.protocol.Statistics
 import org.amnezia.vpn.protocol.VpnStartException
@@ -18,26 +16,8 @@ import org.amnezia.vpn.util.net.getLocalNetworks
 import org.amnezia.vpn.util.net.parseInetAddress
 import org.json.JSONObject
 
-/**
- *    Config Example:
- *    {
- *     "protocol": "openvpn",
- *     "description": "Server 1",
- *     "dns1": "1.1.1.1",
- *     "dns2": "1.0.0.1",
- *     "hostName": "100.100.100.0",
- *     "splitTunnelSites": [
- *     ],
- *     "splitTunnelType": 0,
- *     "openvpn_config_data": {
- *           "config": "openVpnConfig"
- *     }
- * }
- */
-
 open class OpenVpn : Protocol() {
 
-    private lateinit var context: Context
     private var openVpnClient: OpenVpnClient? = null
     private lateinit var scope: CoroutineScope
 
@@ -53,14 +33,15 @@ open class OpenVpn : Protocol() {
             return Statistics.EMPTY_STATISTICS
         }
 
-    override fun initialize(context: Context, state: MutableStateFlow<ProtocolState>, onError: (String) -> Unit) {
-        super.initialize(context, state, onError)
-        loadSharedLibrary(context, "ovpn3")
-        this.context = context
+    override fun internalInit() {
+        if (!isInitialized) loadSharedLibrary(context, "ovpn3")
+        if (this::scope.isInitialized) {
+            scope.cancel()
+        }
         scope = CoroutineScope(Dispatchers.IO)
     }
 
-    override fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
+    override suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
         val configBuilder = OpenVpnConfig.Builder()
 
         openVpnClient = OpenVpnClient(

client/android/protocolApi/src/main/kotlin/Protocol.kt

@@ -27,15 +27,22 @@ private const val SPLIT_TUNNEL_EXCLUDE = 2
 abstract class Protocol {
 
     abstract val statistics: Statistics
+    protected lateinit var context: Context
     protected lateinit var state: MutableStateFlow<ProtocolState>
     protected lateinit var onError: (String) -> Unit
+    protected var isInitialized: Boolean = false
 
-    open fun initialize(context: Context, state: MutableStateFlow<ProtocolState>, onError: (String) -> Unit) {
+    fun initialize(context: Context, state: MutableStateFlow<ProtocolState>, onError: (String) -> Unit) {
+        this.context = context
         this.state = state
         this.onError = onError
+        internalInit()
+        isInitialized = true
     }
 
-    abstract fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean)
+    protected abstract fun internalInit()
+
+    abstract suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean)
 
     abstract fun stopVpn()
 

client/android/qt/build.gradle.kts

@@ -21,5 +21,5 @@ android {
 }
 
 dependencies {
-    implementation(fileTree(mapOf("dir" to "../libs", "include" to listOf("*.jar", "*.aar"))))
+    api(fileTree(mapOf("dir" to "../libs", "include" to listOf("*.jar"))))
 }

client/android/res/mipmap-anydpi-v26/ic_banner.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="utf-8"?>
+<adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
+    <background android:drawable="@color/ic_banner_background"/>
+    <foreground android:drawable="@mipmap/ic_banner_foreground"/>
+</adaptive-icon>

client/android/res/values/ic_banner_background.xml

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
+<resources>
+    <color name="ic_banner_background">#1E1E1F</color>
+</resources>

client/android/res/values/styles.xml

@@ -1,6 +1,9 @@
 <?xml version="1.0" encoding="utf-8"?>
 <resources>
+    <color name="black">#FF0E0E11</color>
     <style name="NoActionBar">
+        <item name="android:windowBackground">@color/black</item>
+        <item name="android:colorBackground">@color/black</item>
         <item name="android:windowActionBar">false</item>
         <item name="android:windowNoTitle">true</item>
     </style>

client/android/settings.gradle.kts

@@ -22,7 +22,7 @@ dependencyResolutionManagement {
 includeBuild("./gradle/plugins")
 
 plugins {
-    id("com.android.settings") version "8.2.0"
+    id("com.android.settings") version "8.5.2"
     id("settings-property-delegate")
 }
 
@@ -36,6 +36,8 @@ include(":wireguard")
 include(":awg")
 include(":openvpn")
 include(":cloak")
+include(":xray")
+include(":xray:libXray")
 
 // get values from gradle or local properties
 val androidBuildToolsVersion: String by gradleProperties

client/android/src/org/amnezia/vpn/AmneziaActivity.kt

@@ -1,6 +1,7 @@
 package org.amnezia.vpn
 
 import android.Manifest
+import android.annotation.SuppressLint
 import android.app.AlertDialog
 import android.app.NotificationManager
 import android.content.BroadcastReceiver
@@ -34,6 +35,7 @@ import kotlinx.coroutines.CompletableDeferred
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.SupervisorJob
+import kotlinx.coroutines.async
 import kotlinx.coroutines.cancel
 import kotlinx.coroutines.launch
 import kotlinx.coroutines.runBlocking
@@ -43,6 +45,8 @@ import org.amnezia.vpn.protocol.getStatus
 import org.amnezia.vpn.qt.QtAndroidController
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.Prefs
+import org.json.JSONException
+import org.json.JSONObject
 import org.qtproject.qt.android.bindings.QtActivity
 
 private const val TAG = "AmneziaActivity"
@@ -59,6 +63,7 @@ class AmneziaActivity : QtActivity() {
 
     private lateinit var mainScope: CoroutineScope
     private val qtInitialized = CompletableDeferred<Unit>()
+    private var vpnProto: VpnProto? = null
     private var isWaitingStatus = true
     private var isServiceConnected = false
     private var isInBoundState = false
@@ -141,6 +146,7 @@ class AmneziaActivity : QtActivity() {
             override fun onBindingDied(name: ComponentName?) {
                 Log.w(TAG, "Binding to the ${name?.flattenToString()} unexpectedly died")
                 doUnbindService()
+                QtAndroidController.onServiceDisconnected()
                 doBindService()
             }
         }
@@ -152,16 +158,25 @@ class AmneziaActivity : QtActivity() {
     override fun onCreate(savedInstanceState: Bundle?) {
         super.onCreate(savedInstanceState)
         Log.d(TAG, "Create Amnezia activity: $intent")
+        window.apply {
+            addFlags(LayoutParams.FLAG_DRAWS_SYSTEM_BAR_BACKGROUNDS)
+            statusBarColor = getColor(R.color.black)
+        }
         mainScope = CoroutineScope(SupervisorJob() + Dispatchers.Main.immediate)
+        val proto = mainScope.async(Dispatchers.IO) {
+            VpnStateStore.getVpnState().vpnProto
+        }
         vpnServiceMessenger = IpcMessenger(
             "VpnService",
             onDeadObjectException = {
                 doUnbindService()
+                QtAndroidController.onServiceDisconnected()
                 doBindService()
             }
         )
         registerBroadcastReceivers()
         intent?.let(::processIntent)
+        runBlocking { vpnProto = proto.await() }
     }
 
     private fun registerBroadcastReceivers() {
@@ -209,13 +224,21 @@ class AmneziaActivity : QtActivity() {
         Log.d(TAG, "Start Amnezia activity")
         mainScope.launch {
             qtInitialized.await()
-            doBindService()
+            vpnProto?.let { proto ->
+                if (AmneziaVpnService.isRunning(applicationContext, proto.processName)) {
+                    doBindService()
+                }
+            }
         }
     }
 
     override fun onStop() {
         Log.d(TAG, "Stop Amnezia activity")
         doUnbindService()
+        mainScope.launch {
+            qtInitialized.await()
+            QtAndroidController.onServiceDisconnected()
+        }
         super.onStop()
     }
 
@@ -269,10 +292,12 @@ class AmneziaActivity : QtActivity() {
     @MainThread
     private fun doBindService() {
         Log.d(TAG, "Bind service")
-        Intent(this, AmneziaVpnService::class.java).also {
-            bindService(it, serviceConnection, BIND_ABOVE_CLIENT and BIND_AUTO_CREATE)
+        vpnProto?.let { proto ->
+            Intent(this, proto.serviceClass).also {
+                bindService(it, serviceConnection, BIND_ABOVE_CLIENT and BIND_AUTO_CREATE)
+            }
+            isInBoundState = true
         }
-        isInBoundState = true
     }
 
     @MainThread
@@ -280,7 +305,6 @@ class AmneziaActivity : QtActivity() {
         if (isInBoundState) {
             Log.d(TAG, "Unbind service")
             isWaitingStatus = true
-            QtAndroidController.onServiceDisconnected()
             isServiceConnected = false
             vpnServiceMessenger.send(Action.UNREGISTER_CLIENT, activityMessenger)
             vpnServiceMessenger.reset()
@@ -365,13 +389,32 @@ class AmneziaActivity : QtActivity() {
 
     @MainThread
     private fun startVpn(vpnConfig: String) {
-        if (isServiceConnected) {
-            connectToVpn(vpnConfig)
-        } else {
+        getVpnProto(vpnConfig)?.let { proto ->
+            Log.d(TAG, "Proto from config: $proto, current proto: $vpnProto")
+            if (isServiceConnected) {
+                if (proto.serviceClass == vpnProto?.serviceClass) {
+                    vpnProto = proto
+                    connectToVpn(vpnConfig)
+                    return
+                }
+                doUnbindService()
+            }
+            vpnProto = proto
             isWaitingStatus = false
-            startVpnService(vpnConfig)
+            startVpnService(vpnConfig, proto)
             doBindService()
-        }
+        } ?: QtAndroidController.onServiceError()
+    }
+
+    private fun getVpnProto(vpnConfig: String): VpnProto? = try {
+        require(vpnConfig.isNotBlank()) { "Blank VPN config" }
+        VpnProto.get(JSONObject(vpnConfig).getString("protocol"))
+    } catch (e: JSONException) {
+        Log.e(TAG, "Invalid VPN config json format: ${e.message}")
+        null
+    } catch (e: IllegalArgumentException) {
+        Log.e(TAG, "Protocol not found: ${e.message}")
+        null
     }
 
     private fun connectToVpn(vpnConfig: String) {
@@ -383,15 +426,15 @@ class AmneziaActivity : QtActivity() {
         }
     }
 
-    private fun startVpnService(vpnConfig: String) {
-        Log.d(TAG, "Start VPN service")
-        Intent(this, AmneziaVpnService::class.java).apply {
+    private fun startVpnService(vpnConfig: String, proto: VpnProto) {
+        Log.d(TAG, "Start VPN service: $proto")
+        Intent(this, proto.serviceClass).apply {
             putExtra(MSG_VPN_CONFIG, vpnConfig)
         }.also {
             try {
                 ContextCompat.startForegroundService(this, it)
             } catch (e: SecurityException) {
-                Log.e(TAG, "Failed to start AmneziaVpnService: $e")
+                Log.e(TAG, "Failed to start ${proto.serviceClass.simpleName}: $e")
                 QtAndroidController.onServiceError()
             }
         }
@@ -507,7 +550,7 @@ class AmneziaActivity : QtActivity() {
                 }
             }.also {
                 startActivityForResult(it, OPEN_FILE_ACTION_CODE, ActivityResultHandler(
-                    onSuccess = {
+                    onAny = {
                         val uri = it?.data?.toString() ?: ""
                         Log.d(TAG, "Open file: $uri")
                         mainScope.launch {
@@ -521,8 +564,12 @@ class AmneziaActivity : QtActivity() {
     }
 
     @Suppress("unused")
+    @SuppressLint("UnsupportedChromeOsCameraSystemFeature")
     fun isCameraPresent(): Boolean = applicationContext.packageManager.hasSystemFeature(PackageManager.FEATURE_CAMERA)
 
+    @Suppress("unused")
+    fun isOnTv(): Boolean = applicationContext.packageManager.hasSystemFeature(PackageManager.FEATURE_LEANBACK)
+
     @Suppress("unused")
     fun startQrCodeReader() {
         Log.v(TAG, "Start camera")
@@ -567,6 +614,14 @@ class AmneziaActivity : QtActivity() {
         }
     }
 
+    @Suppress("unused")
+    fun setNavigationBarColor(color: Int) {
+        Log.v(TAG, "Change navigation bar color: ${"#%08X".format(color)}")
+        mainScope.launch {
+            window.navigationBarColor = color
+        }
+    }
+
     @Suppress("unused")
     fun minimizeApp() {
         Log.v(TAG, "Minimize application")
@@ -641,6 +696,17 @@ class AmneziaActivity : QtActivity() {
             .show()
     }
 
+    @Suppress("unused")
+    fun requestAuthentication() {
+        Log.v(TAG, "Request authentication")
+        mainScope.launch {
+            qtInitialized.await()
+            Intent(this@AmneziaActivity, AuthActivity::class.java).also {
+                startActivity(it)
+            }
+        }
+    }
+
     /**
      * Utils methods
      */

client/android/src/org/amnezia/vpn/AmneziaTileService.kt

@@ -39,6 +39,9 @@ class AmneziaTileService : TileService() {
 
     @Volatile
     private var isServiceConnected = false
+
+    @Volatile
+    private var vpnProto: VpnProto? = null
     private var isInBoundState = false
     @Volatile
     private var isVpnConfigExists = false
@@ -94,16 +97,21 @@ class AmneziaTileService : TileService() {
 
     override fun onStartListening() {
         super.onStartListening()
-        Log.d(TAG, "Start listening")
-        if (AmneziaVpnService.isRunning(applicationContext)) {
-            Log.d(TAG, "Vpn service is running")
-            doBindService()
-        } else {
-            Log.d(TAG, "Vpn service is not running")
-            isServiceConnected = false
-            updateVpnState(DISCONNECTED)
+        scope.launch {
+            Log.d(TAG, "Start listening")
+            vpnProto = VpnStateStore.getVpnState().vpnProto
+            vpnProto.also { proto ->
+                if (proto != null && AmneziaVpnService.isRunning(applicationContext, proto.processName)) {
+                    Log.d(TAG, "Vpn service is running")
+                    doBindService()
+                } else {
+                    Log.d(TAG, "Vpn service is not running")
+                    isServiceConnected = false
+                    updateVpnState(DISCONNECTED)
+                }
+            }
+            vpnStateListeningJob = launchVpnStateListening()
         }
-        vpnStateListeningJob = launchVpnStateListening()
     }
 
     override fun onStopListening() {
@@ -124,7 +132,7 @@ class AmneziaTileService : TileService() {
     }
 
     private fun onClickInternal() {
-        if (isVpnConfigExists) {
+        if (isVpnConfigExists && vpnProto != null) {
             Log.d(TAG, "Change VPN state")
             if (qsTile.state == Tile.STATE_INACTIVE) {
                 Log.d(TAG, "Start VPN")
@@ -147,10 +155,12 @@ class AmneziaTileService : TileService() {
 
     private fun doBindService() {
         Log.d(TAG, "Bind service")
-        Intent(this, AmneziaVpnService::class.java).also {
-            bindService(it, serviceConnection, BIND_ABOVE_CLIENT)
+        vpnProto?.let { proto ->
+            Intent(this, proto.serviceClass).also {
+                bindService(it, serviceConnection, BIND_ABOVE_CLIENT)
+            }
+            isInBoundState = true
         }
-        isInBoundState = true
     }
 
     private fun doUnbindService() {
@@ -180,6 +190,7 @@ class AmneziaTileService : TileService() {
         if (VpnService.prepare(applicationContext) != null) {
             Intent(this, VpnRequestActivity::class.java).apply {
                 addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
+                putExtra(EXTRA_PROTOCOL, vpnProto)
             }.also {
                 startActivityAndCollapseCompat(it)
             }
@@ -189,14 +200,16 @@ class AmneziaTileService : TileService() {
         }
 
     private fun startVpnService() {
-        try {
-            ContextCompat.startForegroundService(
-                applicationContext,
-                Intent(this, AmneziaVpnService::class.java)
-            )
-        } catch (e: SecurityException) {
-            Log.e(TAG, "Failed to start AmneziaVpnService: $e")
-        }
+        vpnProto?.let { proto ->
+            try {
+                ContextCompat.startForegroundService(
+                    applicationContext,
+                    Intent(this, proto.serviceClass)
+                )
+            } catch (e: SecurityException) {
+                Log.e(TAG, "Failed to start ${proto.serviceClass.simpleName}: $e")
+            }
+        } ?: Log.e(TAG, "Failed to start vpn service: vpnProto is null")
     }
 
     private fun connectToVpn() = vpnServiceMessenger.send(Action.CONNECT)
@@ -220,11 +233,8 @@ class AmneziaTileService : TileService() {
         }
     }
 
-    private fun updateVpnState(state: ProtocolState) {
-        scope.launch {
-            VpnStateStore.store { it.copy(protocolState = state) }
-        }
-    }
+    private fun updateVpnState(state: ProtocolState) =
+        scope.launch { VpnStateStore.store { it.copy(protocolState = state) } }
 
     private fun launchVpnStateListening() =
         scope.launch { VpnStateStore.dataFlow().collectLatest(::updateTile) }
@@ -232,9 +242,10 @@ class AmneziaTileService : TileService() {
     private fun updateTile(vpnState: VpnState) {
         Log.d(TAG, "Update tile: $vpnState")
         isVpnConfigExists = vpnState.serverName != null
+        vpnProto = vpnState.vpnProto
         val tile = qsTile ?: return
         tile.apply {
-            label = vpnState.serverName ?: DEFAULT_TILE_LABEL
+            label = (vpnState.serverName ?: DEFAULT_TILE_LABEL) + (vpnProto?.let { " ${it.label}" } ?: "")
             when (val protocolState = vpnState.protocolState) {
                 CONNECTED -> {
                     state = Tile.STATE_ACTIVE

client/android/src/org/amnezia/vpn/AmneziaVpnService.kt

@@ -1,5 +1,6 @@
 package org.amnezia.vpn
 
+import android.annotation.SuppressLint
 import android.app.ActivityManager
 import android.app.ActivityManager.RunningAppProcessInfo.IMPORTANCE_FOREGROUND_SERVICE
 import android.app.NotificationManager
@@ -30,6 +31,7 @@ import kotlinx.coroutines.Job
 import kotlinx.coroutines.SupervisorJob
 import kotlinx.coroutines.TimeoutCancellationException
 import kotlinx.coroutines.cancel
+import kotlinx.coroutines.cancelAndJoin
 import kotlinx.coroutines.delay
 import kotlinx.coroutines.flow.MutableStateFlow
 import kotlinx.coroutines.flow.drop
@@ -39,7 +41,6 @@ import kotlinx.coroutines.runBlocking
 import kotlinx.coroutines.withTimeout
 import org.amnezia.vpn.protocol.BadConfigException
 import org.amnezia.vpn.protocol.LoadLibraryException
-import org.amnezia.vpn.protocol.Protocol
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTING
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
@@ -48,11 +49,7 @@ import org.amnezia.vpn.protocol.ProtocolState.RECONNECTING
 import org.amnezia.vpn.protocol.ProtocolState.UNKNOWN
 import org.amnezia.vpn.protocol.VpnException
 import org.amnezia.vpn.protocol.VpnStartException
-import org.amnezia.vpn.protocol.awg.Awg
-import org.amnezia.vpn.protocol.cloak.Cloak
-import org.amnezia.vpn.protocol.openvpn.OpenVpn
 import org.amnezia.vpn.protocol.putStatus
-import org.amnezia.vpn.protocol.wireguard.Wireguard
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.Prefs
 import org.amnezia.vpn.util.net.NetworkState
@@ -63,6 +60,7 @@ import org.json.JSONObject
 private const val TAG = "AmneziaVpnService"
 
 const val ACTION_DISCONNECT = "org.amnezia.vpn.action.disconnect"
+const val ACTION_CONNECT = "org.amnezia.vpn.action.connect"
 
 const val MSG_VPN_CONFIG = "VPN_CONFIG"
 const val MSG_ERROR = "ERROR"
@@ -73,19 +71,18 @@ const val AFTER_PERMISSION_CHECK = "AFTER_PERMISSION_CHECK"
 private const val PREFS_CONFIG_KEY = "LAST_CONF"
 private const val PREFS_SERVER_NAME = "LAST_SERVER_NAME"
 private const val PREFS_SERVER_INDEX = "LAST_SERVER_INDEX"
-private const val PROCESS_NAME = "org.amnezia.vpn:amneziaVpnService"
 // private const val STATISTICS_SENDING_TIMEOUT = 1000L
 private const val TRAFFIC_STATS_UPDATE_TIMEOUT = 1000L
 private const val DISCONNECT_TIMEOUT = 5000L
 private const val STOP_SERVICE_TIMEOUT = 5000L
 
-class AmneziaVpnService : VpnService() {
+@SuppressLint("Registered")
+open class AmneziaVpnService : VpnService() {
 
     private lateinit var mainScope: CoroutineScope
     private lateinit var connectionScope: CoroutineScope
     private var isServiceBound = false
-    private var protocol: Protocol? = null
-    private val protocolCache = mutableMapOf<String, Protocol>()
+    private var vpnProto: VpnProto? = null
     private var protocolState = MutableStateFlow(UNKNOWN)
     private var serverName: String? = null
     private var serverIndex: Int = -1
@@ -105,7 +102,7 @@ class AmneziaVpnService : VpnService() {
     // private var statisticsSendingJob: Job? = null
     private lateinit var networkState: NetworkState
     private lateinit var trafficStats: TrafficStats
-    private var disconnectReceiver: BroadcastReceiver? = null
+    private var controlReceiver: BroadcastReceiver? = null
     private var notificationStateReceiver: BroadcastReceiver? = null
     private var screenOnReceiver: BroadcastReceiver? = null
     private var screenOffReceiver: BroadcastReceiver? = null
@@ -115,8 +112,11 @@ class AmneziaVpnService : VpnService() {
         get() = clientMessengers.any { it.value.name == ACTIVITY_MESSENGER_NAME }
 
     private val connectionExceptionHandler = CoroutineExceptionHandler { _, e ->
+        connectionJob?.cancel()
+        connectionJob = null
+        disconnectionJob?.cancel()
+        disconnectionJob = null
         protocolState.value = DISCONNECTED
-        protocol = null
         when (e) {
             is IllegalArgumentException,
             is VpnStartException,
@@ -227,7 +227,8 @@ class AmneziaVpnService : VpnService() {
             connect(intent?.getStringExtra(MSG_VPN_CONFIG))
         }
         ServiceCompat.startForeground(
-            this, NOTIFICATION_ID, serviceNotification.buildNotification(serverName, protocolState.value),
+            this, NOTIFICATION_ID,
+            serviceNotification.buildNotification(serverName, vpnProto?.label, protocolState.value),
             foregroundServiceTypeCompat
         )
         return START_REDELIVER_INTENT
@@ -292,9 +293,17 @@ class AmneziaVpnService : VpnService() {
 
     private fun registerBroadcastReceivers() {
         Log.d(TAG, "Register broadcast receivers")
-        disconnectReceiver = registerBroadcastReceiver(ACTION_DISCONNECT, ContextCompat.RECEIVER_NOT_EXPORTED) {
-            Log.d(TAG, "Broadcast request received: $ACTION_DISCONNECT")
-            disconnect()
+        controlReceiver = registerBroadcastReceiver(
+            arrayOf(ACTION_CONNECT, ACTION_DISCONNECT), ContextCompat.RECEIVER_NOT_EXPORTED
+        ) {
+            it?.action?.let { action ->
+                Log.d(TAG, "Broadcast request received: $action")
+                when (action) {
+                    ACTION_CONNECT -> connect()
+                    ACTION_DISCONNECT -> disconnect()
+                    else -> Log.w(TAG, "Unknown action received: $action")
+                }
+            }
         }
 
         notificationStateReceiver = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
@@ -340,10 +349,10 @@ class AmneziaVpnService : VpnService() {
 
     private fun unregisterBroadcastReceivers() {
         Log.d(TAG, "Unregister broadcast receivers")
-        unregisterBroadcastReceiver(disconnectReceiver)
+        unregisterBroadcastReceiver(controlReceiver)
         unregisterBroadcastReceiver(notificationStateReceiver)
         unregisterScreenStateBroadcastReceivers()
-        disconnectReceiver = null
+        controlReceiver = null
         notificationStateReceiver = null
     }
 
@@ -356,7 +365,7 @@ class AmneziaVpnService : VpnService() {
             protocolState.drop(1).collect { protocolState ->
                 Log.d(TAG, "Protocol state changed: $protocolState")
 
-                serviceNotification.updateNotification(serverName, protocolState)
+                serviceNotification.updateNotification(serverName, vpnProto?.label, protocolState)
 
                 clientMessengers.send {
                     ServiceEvent.STATUS_CHANGED.packToMessage {
@@ -364,7 +373,7 @@ class AmneziaVpnService : VpnService() {
                     }
                 }
 
-                VpnStateStore.store { VpnState(protocolState, serverName, serverIndex) }
+                VpnStateStore.store { VpnState(protocolState, serverName, serverIndex, vpnProto) }
 
                 when (protocolState) {
                     CONNECTED -> {
@@ -421,7 +430,7 @@ class AmneziaVpnService : VpnService() {
     @MainThread
     private fun enableNotification() {
         registerScreenStateBroadcastReceivers()
-        serviceNotification.updateNotification(serverName, protocolState.value)
+        serviceNotification.updateNotification(serverName, vpnProto?.label, protocolState.value)
         launchTrafficStatsUpdate()
     }
 
@@ -484,8 +493,6 @@ class AmneziaVpnService : VpnService() {
 
         Log.d(TAG, "Start VPN connection")
 
-        protocolState.value = CONNECTING
-
         val config = parseConfigToJson(vpnConfig)
         saveServerData(config)
         if (config == null) {
@@ -494,6 +501,16 @@ class AmneziaVpnService : VpnService() {
             return
         }
 
+        try {
+            vpnProto = VpnProto.get(config.getString("protocol"))
+        } catch (e: Exception) {
+            onError("Invalid VPN config: ${e.message}")
+            protocolState.value = DISCONNECTED
+            return
+        }
+
+        protocolState.value = CONNECTING
+
         if (!checkPermission()) {
             protocolState.value = DISCONNECTED
             return
@@ -503,8 +520,10 @@ class AmneziaVpnService : VpnService() {
             disconnectionJob?.join()
             disconnectionJob = null
 
-            protocol = getProtocol(config.getString("protocol"))
-            protocol?.startVpn(config, Builder(), ::protect)
+            vpnProto?.protocol?.let { protocol ->
+                protocol.initialize(applicationContext, protocolState, ::onError)
+                protocol.startVpn(config, Builder(), ::protect)
+            }
         }
     }
 
@@ -517,11 +536,11 @@ class AmneziaVpnService : VpnService() {
         protocolState.value = DISCONNECTING
 
         disconnectionJob = connectionScope.launch {
-            connectionJob?.join()
+            connectionJob?.cancelAndJoin()
             connectionJob = null
 
-            protocol?.stopVpn()
-            protocol = null
+            vpnProto?.protocol?.stopVpn()
+
             try {
                 withTimeout(DISCONNECT_TIMEOUT) {
                     // waiting for disconnect state
@@ -543,22 +562,10 @@ class AmneziaVpnService : VpnService() {
         protocolState.value = RECONNECTING
 
         connectionJob = connectionScope.launch {
-            protocol?.reconnectVpn(Builder())
+            vpnProto?.protocol?.reconnectVpn(Builder())
         }
     }
 
-    @MainThread
-    private fun getProtocol(protocolName: String): Protocol =
-        protocolCache[protocolName]
-            ?: when (protocolName) {
-                "wireguard" -> Wireguard()
-                "awg" -> Awg()
-                "openvpn" -> OpenVpn()
-                "cloak" -> Cloak()
-                else -> throw IllegalArgumentException("Protocol '$protocolName' not found")
-            }.apply { initialize(applicationContext, protocolState, ::onError) }
-                .also { protocolCache[protocolName] = it }
-
     /**
      * Utils methods
      */
@@ -603,6 +610,7 @@ class AmneziaVpnService : VpnService() {
         if (prepare(applicationContext) != null) {
             Intent(this, VpnRequestActivity::class.java).apply {
                 addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
+                putExtra(EXTRA_PROTOCOL, vpnProto)
             }.also {
                 startActivity(it)
             }
@@ -612,9 +620,9 @@ class AmneziaVpnService : VpnService() {
         }
 
     companion object {
-        fun isRunning(context: Context): Boolean =
+        fun isRunning(context: Context, processName: String): Boolean =
             context.getSystemService<ActivityManager>()!!.runningAppProcesses.any {
-                it.processName == PROCESS_NAME && it.importance <= IMPORTANCE_FOREGROUND_SERVICE
+                it.processName == processName && it.importance <= IMPORTANCE_FOREGROUND_SERVICE
             }
     }
 }

client/android/src/org/amnezia/vpn/AuthActivity.kt

@@ -0,0 +1,97 @@
+package org.amnezia.vpn
+
+import android.os.Build
+import android.os.Bundle
+import androidx.biometric.BiometricManager
+import androidx.biometric.BiometricManager.Authenticators.BIOMETRIC_STRONG
+import androidx.biometric.BiometricManager.Authenticators.DEVICE_CREDENTIAL
+import androidx.biometric.BiometricPrompt
+import androidx.biometric.BiometricPrompt.AuthenticationResult
+import androidx.core.content.ContextCompat
+import androidx.fragment.app.FragmentActivity
+import org.amnezia.vpn.qt.QtAndroidController
+import org.amnezia.vpn.util.Log
+
+private const val TAG = "AuthActivity"
+
+private const val AUTHENTICATORS = BIOMETRIC_STRONG or DEVICE_CREDENTIAL
+
+class AuthActivity : FragmentActivity() {
+
+    override fun onCreate(savedInstanceState: Bundle?) {
+        super.onCreate(savedInstanceState)
+
+        val biometricManager = BiometricManager.from(applicationContext)
+        when (biometricManager.canAuthenticate(AUTHENTICATORS)) {
+            BiometricManager.BIOMETRIC_SUCCESS -> {
+                showBiometricPrompt(biometricManager)
+                return
+            }
+
+            BiometricManager.BIOMETRIC_STATUS_UNKNOWN -> {
+                Log.w(TAG, "Unknown biometric status")
+                showBiometricPrompt(biometricManager)
+                return
+            }
+
+            BiometricManager.BIOMETRIC_ERROR_UNSUPPORTED -> {
+                Log.e(TAG, "The specified options are incompatible with the current Android " +
+                    "version ${Build.VERSION.SDK_INT}")
+            }
+
+            BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE -> {
+                Log.w(TAG, "The hardware is unavailable")
+            }
+
+            BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED -> {
+                Log.w(TAG, "No biometric or device credential is enrolled")
+            }
+
+            BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE -> {
+                Log.w(TAG, "There is no suitable hardware")
+            }
+
+            BiometricManager.BIOMETRIC_ERROR_SECURITY_UPDATE_REQUIRED -> {
+                Log.w(TAG, "A security vulnerability has been discovered with one or " +
+                    "more hardware sensors")
+            }
+        }
+        QtAndroidController.onAuthResult(true)
+        finish()
+    }
+
+    private fun showBiometricPrompt(biometricManager: BiometricManager) {
+        val executor = ContextCompat.getMainExecutor(applicationContext)
+        val biometricPrompt = BiometricPrompt(this, executor,
+            object : BiometricPrompt.AuthenticationCallback() {
+                override fun onAuthenticationSucceeded(result: AuthenticationResult) {
+                    super.onAuthenticationSucceeded(result)
+                    Log.d(TAG, "Authentication succeeded")
+                    QtAndroidController.onAuthResult(true)
+                    finish()
+                }
+
+                override fun onAuthenticationFailed() {
+                    super.onAuthenticationFailed()
+                    Log.w(TAG, "Authentication failed")
+                }
+
+                override fun onAuthenticationError(errorCode: Int, errString: CharSequence) {
+                    super.onAuthenticationError(errorCode, errString)
+                    Log.e(TAG, "Authentication error $errorCode: $errString")
+                    QtAndroidController.onAuthResult(false)
+                    finish()
+                }
+            })
+
+
+
+        val promptInfo = BiometricPrompt.PromptInfo.Builder()
+            .setAllowedAuthenticators(AUTHENTICATORS)
+            .setTitle("AmneziaVPN")
+            .setSubtitle(biometricManager.getStrings(AUTHENTICATORS)?.promptMessage)
+            .build()
+
+        biometricPrompt.authenticate(promptInfo)
+    }
+}

client/android/src/org/amnezia/vpn/AuthHelper.java

@@ -1,24 +0,0 @@
-package org.amnezia.vpn;
-
-import android.content.Context;
-import android.app.KeyguardManager;
-import android.content.Intent;
-import org.qtproject.qt.android.bindings.QtActivity;
-
-
-import static android.content.Context.KEYGUARD_SERVICE;
-
-public class AuthHelper extends QtActivity {
-
-   static final String TAG = "AuthHelper";
-  
-   public static Intent getAuthIntent(Context context) {
-   	KeyguardManager mKeyguardManager = (KeyguardManager)context.getSystemService(KEYGUARD_SERVICE);
-   	if (mKeyguardManager.isDeviceSecure()) {
-                return mKeyguardManager.createConfirmDeviceCredentialIntent(null, null);
-        } else {
-        	return null;
-        }     
-   }
-   
-}

client/android/src/org/amnezia/vpn/AwgService.kt

@@ -0,0 +1,3 @@
+package org.amnezia.vpn
+
+class AwgService : AmneziaVpnService()

client/android/src/org/amnezia/vpn/CameraActivity.kt

@@ -140,7 +140,7 @@ class CameraActivity : ComponentActivity() {
                             }
                         }
                     }.addOnFailureListener {
-                        Log.e(TAG, "Processing QR-code image failed: ${it.message}")
+                        Log.e(TAG, "Processing QR code image failed: ${it.message}")
                     }.addOnCompleteListener {
                         imageProxy.close()
                     }

client/android/src/org/amnezia/vpn/ImportConfigActivity.kt

@@ -33,10 +33,10 @@ class ImportConfigActivity : ComponentActivity() {
         intent?.let(::readConfig)
     }
 
-    override fun onNewIntent(intent: Intent?) {
+    override fun onNewIntent(intent: Intent) {
         super.onNewIntent(intent)
         Log.d(TAG, "onNewIntent: $intent")
-        intent?.let(::readConfig)
+        intent.let(::readConfig)
     }
 
     private fun readConfig(intent: Intent) {

client/android/src/org/amnezia/vpn/OpenVpnService.kt

@@ -0,0 +1,3 @@
+package org.amnezia.vpn
+
+class OpenVpnService : AmneziaVpnService()

client/android/src/org/amnezia/vpn/ServiceNotification.kt

@@ -59,14 +59,14 @@ class ServiceNotification(private val context: Context) {
         formatSpeedString(rxString, txString)
     }
 
-    fun buildNotification(serverName: String?, state: ProtocolState): Notification {
+    fun buildNotification(serverName: String?, protocol: String?, state: ProtocolState): Notification {
         val speedString = if (state == CONNECTED) zeroSpeed else null
 
         Log.d(TAG, "Build notification: $serverName, $state")
 
         return notificationBuilder
             .setSmallIcon(R.drawable.ic_amnezia_round)
-            .setContentTitle(serverName ?: "AmneziaVPN")
+            .setContentTitle((serverName ?: "AmneziaVPN") + (protocol?.let { " $it" } ?: ""))
             .setContentText(context.getString(state))
             .setSubText(speedString)
             .setWhen(System.currentTimeMillis())
@@ -96,10 +96,10 @@ class ServiceNotification(private val context: Context) {
     }
 
     @SuppressLint("MissingPermission")
-    fun updateNotification(serverName: String?, state: ProtocolState) {
+    fun updateNotification(serverName: String?, protocol: String?, state: ProtocolState) {
         if (context.isNotificationPermissionGranted()) {
             Log.d(TAG, "Update notification: $serverName, $state")
-            notificationManager.notify(NOTIFICATION_ID, buildNotification(serverName, state))
+            notificationManager.notify(NOTIFICATION_ID, buildNotification(serverName, protocol, state))
         }
     }
 
@@ -125,7 +125,7 @@ class ServiceNotification(private val context: Context) {
                         context,
                         DISCONNECT_REQUEST_CODE,
                         Intent(ACTION_DISCONNECT).apply {
-                            setPackage("org.amnezia.vpn")
+                            setPackage(context.packageName)
                         },
                         PendingIntent.FLAG_IMMUTABLE or PendingIntent.FLAG_UPDATE_CURRENT
                     )
@@ -135,10 +135,12 @@ class ServiceNotification(private val context: Context) {
             DISCONNECTED -> {
                 Action(
                     0, context.getString(R.string.connect),
-                    createServicePendingIntent(
+                    PendingIntent.getBroadcast(
                         context,
                         CONNECT_REQUEST_CODE,
-                        Intent(context, AmneziaVpnService::class.java),
+                        Intent(ACTION_CONNECT).apply {
+                            setPackage(context.packageName)
+                        },
                         PendingIntent.FLAG_IMMUTABLE or PendingIntent.FLAG_UPDATE_CURRENT
                     )
                 )
@@ -148,13 +150,6 @@ class ServiceNotification(private val context: Context) {
         }
     }
 
-    private val createServicePendingIntent: (Context, Int, Intent, Int) -> PendingIntent =
-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
-            PendingIntent::getForegroundService
-        } else {
-            PendingIntent::getService
-        }
-
     companion object {
         fun createNotificationChannel(context: Context) {
             with(NotificationManagerCompat.from(context)) {

client/android/src/org/amnezia/vpn/VpnProto.kt

@@ -0,0 +1,75 @@
+package org.amnezia.vpn
+
+import org.amnezia.vpn.protocol.Protocol
+import org.amnezia.vpn.protocol.awg.Awg
+import org.amnezia.vpn.protocol.cloak.Cloak
+import org.amnezia.vpn.protocol.openvpn.OpenVpn
+import org.amnezia.vpn.protocol.wireguard.Wireguard
+import org.amnezia.vpn.protocol.xray.Xray
+
+enum class VpnProto(
+    val label: String,
+    val processName: String,
+    val serviceClass: Class<out AmneziaVpnService>
+) {
+    WIREGUARD(
+        "WireGuard",
+        "org.amnezia.vpn:amneziaAwgService",
+        AwgService::class.java
+    ) {
+        override fun createProtocol(): Protocol = Wireguard()
+    },
+
+    AWG(
+        "AmneziaWG",
+        "org.amnezia.vpn:amneziaAwgService",
+        AwgService::class.java
+    ) {
+        override fun createProtocol(): Protocol = Awg()
+    },
+
+    OPENVPN(
+        "OpenVPN",
+        "org.amnezia.vpn:amneziaOpenVpnService",
+        OpenVpnService::class.java
+    ) {
+        override fun createProtocol(): Protocol = OpenVpn()
+    },
+
+    CLOAK(
+        "Cloak",
+        "org.amnezia.vpn:amneziaOpenVpnService",
+        OpenVpnService::class.java
+    ) {
+        override fun createProtocol(): Protocol = Cloak()
+    },
+
+    XRAY(
+        "XRay",
+        "org.amnezia.vpn:amneziaXrayService",
+        XrayService::class.java
+    ) {
+        override fun createProtocol(): Protocol = Xray.instance
+    },
+
+    SSXRAY(
+        "SSXRay",
+        "org.amnezia.vpn:amneziaXrayService",
+        XrayService::class.java
+    ) {
+        override fun createProtocol(): Protocol = Xray.instance
+    };
+
+    private var _protocol: Protocol? = null
+    val protocol: Protocol
+        get() {
+            if (_protocol == null) _protocol = createProtocol()
+            return _protocol ?: throw AssertionError("Set to null by another thread")
+        }
+
+    protected abstract fun createProtocol(): Protocol
+
+    companion object {
+        fun get(protocolName: String): VpnProto = VpnProto.valueOf(protocolName.uppercase())
+    }
+}

client/android/src/org/amnezia/vpn/VpnRequestActivity.kt

@@ -7,6 +7,7 @@ import android.content.Intent
 import android.content.res.Configuration.UI_MODE_NIGHT_MASK
 import android.content.res.Configuration.UI_MODE_NIGHT_YES
 import android.net.VpnService
+import android.os.Build
 import android.os.Bundle
 import android.provider.Settings
 import android.widget.Toast
@@ -18,9 +19,11 @@ import androidx.core.content.getSystemService
 import org.amnezia.vpn.util.Log
 
 private const val TAG = "VpnRequestActivity"
+const val EXTRA_PROTOCOL = "PROTOCOL"
 
 class VpnRequestActivity : ComponentActivity() {
 
+    private var vpnProto: VpnProto? = null
     private var userPresentReceiver: BroadcastReceiver? = null
     private val requestLauncher =
         registerForActivityResult(StartActivityForResult(), ::checkRequestResult)
@@ -28,6 +31,12 @@ class VpnRequestActivity : ComponentActivity() {
     override fun onCreate(savedInstanceState: Bundle?) {
         super.onCreate(savedInstanceState)
         Log.d(TAG, "Start request activity")
+        vpnProto = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU) {
+            intent.extras?.getSerializable(EXTRA_PROTOCOL, VpnProto::class.java)
+        } else {
+            @Suppress("DEPRECATION")
+            intent.extras?.getSerializable(EXTRA_PROTOCOL) as VpnProto
+        }
         val requestIntent = VpnService.prepare(applicationContext)
         if (requestIntent != null) {
             if (getSystemService<KeyguardManager>()!!.isKeyguardLocked) {
@@ -66,10 +75,18 @@ class VpnRequestActivity : ComponentActivity() {
 
     private fun onPermissionGranted() {
         Toast.makeText(this, resources.getString(R.string.vpnGranted), Toast.LENGTH_LONG).show()
-        Intent(applicationContext, AmneziaVpnService::class.java).apply {
-            putExtra(AFTER_PERMISSION_CHECK, true)
-        }.also {
-            ContextCompat.startForegroundService(this, it)
+        vpnProto?.let { proto ->
+            Intent(applicationContext, proto.serviceClass).apply {
+                putExtra(AFTER_PERMISSION_CHECK, true)
+            }.also {
+                ContextCompat.startForegroundService(this, it)
+            }
+        } ?: run {
+            Intent(this, AmneziaActivity::class.java).apply {
+                addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
+            }.also {
+                startActivity(it)
+            }
         }
     }
 

client/android/src/org/amnezia/vpn/VpnState.kt

@@ -1,19 +1,22 @@
 package org.amnezia.vpn
 
 import android.app.Application
+import androidx.datastore.core.CorruptionException
 import androidx.datastore.core.MultiProcessDataStoreFactory
 import androidx.datastore.core.Serializer
+import androidx.datastore.core.handlers.ReplaceFileCorruptionHandler
 import androidx.datastore.dataStoreFile
-import java.io.ByteArrayInputStream
-import java.io.ByteArrayOutputStream
 import java.io.InputStream
-import java.io.ObjectInputStream
-import java.io.ObjectOutputStream
 import java.io.OutputStream
-import java.io.Serializable
-import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.flow.Flow
-import kotlinx.coroutines.withContext
+import kotlinx.coroutines.flow.catch
+import kotlinx.coroutines.flow.firstOrNull
+import kotlinx.serialization.ExperimentalSerializationApi
+import kotlinx.serialization.Serializable
+import kotlinx.serialization.SerializationException
+import kotlinx.serialization.decodeFromByteArray
+import kotlinx.serialization.encodeToByteArray
+import kotlinx.serialization.protobuf.ProtoBuf
 import org.amnezia.vpn.protocol.ProtocolState
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.util.Log
@@ -21,13 +24,14 @@ import org.amnezia.vpn.util.Log
 private const val TAG = "VpnState"
 private const val STORE_FILE_NAME = "vpnState"
 
+@Serializable
 data class VpnState(
     val protocolState: ProtocolState,
     val serverName: String? = null,
-    val serverIndex: Int = -1
-) : Serializable {
+    val serverIndex: Int = -1,
+    val vpnProto: VpnProto? = null
+) {
     companion object {
-        private const val serialVersionUID: Long = -1760654961004181606
         val defaultState: VpnState = VpnState(DISCONNECTED)
     }
 }
@@ -37,7 +41,11 @@ object VpnStateStore {
 
     private val dataStore = MultiProcessDataStoreFactory.create(
         serializer = VpnStateSerializer(),
-        produceFile = { app.dataStoreFile(STORE_FILE_NAME) }
+        produceFile = { app.dataStoreFile(STORE_FILE_NAME) },
+        corruptionHandler = ReplaceFileCorruptionHandler { e ->
+            Log.e(TAG, "VpnState DataStore corrupted: $e")
+            VpnState.defaultState
+        }
     )
 
     fun init(app: Application) {
@@ -45,36 +53,36 @@ object VpnStateStore {
         this.app = app
     }
 
-    fun dataFlow(): Flow<VpnState> = dataStore.data
+    fun dataFlow(): Flow<VpnState> = dataStore.data.catch { e ->
+        Log.e(TAG, "Failed to read VpnState from store: ${e.message}")
+        emit(VpnState.defaultState)
+    }
+
+    suspend fun getVpnState(): VpnState = dataFlow().firstOrNull() ?: VpnState.defaultState
 
     suspend fun store(f: (vpnState: VpnState) -> VpnState) {
         try {
             dataStore.updateData(f)
-        } catch (e : Exception) {
+        } catch (e: Exception) {
             Log.e(TAG, "Failed to store VpnState: $e")
+            Log.w(TAG, "Remove DataStore file")
+            app.dataStoreFile(STORE_FILE_NAME).delete()
         }
     }
 }
 
+@OptIn(ExperimentalSerializationApi::class)
 private class VpnStateSerializer : Serializer<VpnState> {
     override val defaultValue: VpnState = VpnState.defaultState
 
-    override suspend fun readFrom(input: InputStream): VpnState {
-        return withContext(Dispatchers.IO) {
-            val bios = ByteArrayInputStream(input.readBytes())
-            ObjectInputStream(bios).use {
-                it.readObject() as VpnState
-            }
-        }
+    override suspend fun readFrom(input: InputStream): VpnState = try {
+        ProtoBuf.decodeFromByteArray<VpnState>(input.readBytes())
+    } catch (e: SerializationException) {
+        Log.e(TAG, "Failed to deserialize data: $e")
+        throw CorruptionException("Failed to deserialize data", e)
     }
 
-    override suspend fun writeTo(t: VpnState, output: OutputStream) {
-        withContext(Dispatchers.IO) {
-            val baos = ByteArrayOutputStream()
-            ObjectOutputStream(baos).use {
-                it.writeObject(t)
-            }
-            output.write(baos.toByteArray())
-        }
-    }
+    @Suppress("BlockingMethodInNonBlockingContext")
+    override suspend fun writeTo(t: VpnState, output: OutputStream) =
+        output.write(ProtoBuf.encodeToByteArray(t))
 }

client/android/src/org/amnezia/vpn/XrayService.kt

@@ -0,0 +1,3 @@
+package org.amnezia.vpn
+
+class XrayService : AmneziaVpnService()

client/android/src/org/amnezia/vpn/qt/QtAndroidController.kt

@@ -25,5 +25,7 @@ object QtAndroidController {
 
     external fun onConfigImported(data: String)
 
+    external fun onAuthResult(result: Boolean)
+
     external fun decodeQrCode(data: String): Boolean
 }

client/android/utils/src/main/kotlin/JsonExt.kt

@@ -0,0 +1,9 @@
+package org.amnezia.vpn.util
+
+import org.json.JSONArray
+import org.json.JSONObject
+
+inline fun <reified T> JSONArray.asSequence(): Sequence<T> =
+    (0..<length()).asSequence().map { get(it) as T }
+
+fun JSONObject.optStringOrNull(name: String) = optString(name).ifEmpty { null }

client/android/utils/src/main/kotlin/net/NetworkState.kt

@@ -88,16 +88,24 @@ class NetworkState(
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) {
             connectivityManager.registerBestMatchingNetworkCallback(networkRequest, networkCallback, handler)
         } else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
-            try {
-                connectivityManager.requestNetwork(networkRequest, networkCallback, handler)
-            } catch (e: SecurityException) {
-                Log.e(TAG, "Failed to bind network listener: $e")
-                // Android 11 bug: https://issuetracker.google.com/issues/175055271
-                if (e.message?.startsWith("Package android does not belong to") == true) {
-                    delay(1000)
+            val numberAttempts = 300
+            var attemptCount = 0
+            while(true) {
+                try {
                     connectivityManager.requestNetwork(networkRequest, networkCallback, handler)
-                } else {
-                    throw e
+                    break
+                } catch (e: SecurityException) {
+                    Log.e(TAG, "Failed to bind network listener: $e")
+                    // Android 11 bug: https://issuetracker.google.com/issues/175055271
+                    if (e.message?.startsWith("Package android does not belong to") == true) {
+                        if (++attemptCount > numberAttempts) {
+                            throw e
+                        }
+                        delay(1000)
+                        continue
+                    } else {
+                        throw e
+                    }
                 }
             }
         } else {

client/android/utils/src/main/kotlin/net/NetworkUtils.kt

@@ -35,7 +35,7 @@ fun getLocalNetworks(context: Context, ipv6: Boolean): List<InetNetwork> {
     return emptyList()
 }
 
-fun parseInetAddress(address: String): InetAddress = parseNumericAddressCompat(address)
+fun parseInetAddress(address: String): InetAddress = InetAddress.getByName(address)
 
 private val parseNumericAddressCompat: (String) -> InetAddress =
     if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {

client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/Wireguard.kt

@@ -1,57 +1,26 @@
 package org.amnezia.vpn.protocol.wireguard
 
-import android.content.Context
 import android.net.VpnService.Builder
+import java.io.IOException
+import java.util.Locale
 import java.util.TreeMap
-import kotlinx.coroutines.flow.MutableStateFlow
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.delay
+import kotlinx.coroutines.withContext
 import org.amnezia.awg.GoBackend
 import org.amnezia.vpn.protocol.Protocol
-import org.amnezia.vpn.protocol.ProtocolState
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.protocol.Statistics
 import org.amnezia.vpn.protocol.VpnStartException
 import org.amnezia.vpn.util.Log
+import org.amnezia.vpn.util.asSequence
 import org.amnezia.vpn.util.net.InetEndpoint
 import org.amnezia.vpn.util.net.InetNetwork
 import org.amnezia.vpn.util.net.parseInetAddress
+import org.amnezia.vpn.util.optStringOrNull
 import org.json.JSONObject
 
-/**
- *    Config example:
- *    {
- *        "protocol": "wireguard",
- *        "description": "Server 1",
- *        "dns1": "1.1.1.1",
- *        "dns2": "1.0.0.1",
- *        "hostName": "100.100.100.0",
- *        "splitTunnelSites": [
- *        ],
- *        "splitTunnelType": 0,
- *        "wireguard_config_data": {
- *            "client_ip": "10.8.1.1",
- *            "hostName": "100.100.100.0",
- *            "port": 12345,
- *            "client_pub_key": "clientPublicKeyBase64",
- *            "client_priv_key": "privateKeyBase64",
- *            "psk_key": "presharedKeyBase64",
- *            "server_pub_key": "publicKeyBase64",
- *            "config": "[Interface]
- *                       Address = 10.8.1.1/32
- *                       DNS = 1.1.1.1, 1.0.0.1
- *                       PrivateKey = privateKeyBase64
- *
- *                       [Peer]
- *                       PublicKey = publicKeyBase64
- *                       PresharedKey = presharedKeyBase64
- *                       AllowedIPs = 0.0.0.0/0, ::/0
- *                       Endpoint = 100.100.100.0:12345
- *                       PersistentKeepalive = 25
- *                       "
- *        }
- *    }
- */
-
 private const val TAG = "Wireguard"
 
 open class Wireguard : Protocol() {
@@ -78,72 +47,92 @@ open class Wireguard : Protocol() {
             }
         }
 
-    override fun initialize(context: Context, state: MutableStateFlow<ProtocolState>, onError: (String) -> Unit) {
-        super.initialize(context, state, onError)
-        loadSharedLibrary(context, "wg-go")
+    override fun internalInit() {
+        if (!isInitialized) loadSharedLibrary(context, "wg-go")
     }
 
-    override fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
+    override suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
         val wireguardConfig = parseConfig(config)
+        val startTime = System.currentTimeMillis()
         start(wireguardConfig, vpnBuilder, protect)
+        waitForConnection(startTime)
         state.value = CONNECTED
     }
 
+    private suspend fun waitForConnection(startTime: Long) {
+        Log.d(TAG, "Waiting for connection")
+        withContext(Dispatchers.IO) {
+            val time = String.format(Locale.ROOT,"%.3f", startTime / 1000.0)
+            try {
+                delay(1000)
+                var log = getLogcat(time)
+                Log.d(TAG, "First waiting log: $log")
+                // check that there is a connection log,
+                // to avoid infinite connection
+                if (!log.contains("Attaching to interface")) {
+                    Log.w(TAG, "Logs do not contain a connection log")
+                    return@withContext
+                }
+                while (!log.contains("Received handshake response")) {
+                    delay(1000)
+                    log = getLogcat(time)
+                }
+            } catch (e: IOException) {
+                Log.e(TAG, "Failed to get logcat: $e")
+            }
+        }
+    }
+
+    private fun getLogcat(time: String): String =
+        ProcessBuilder("logcat", "--buffer=main", "--format=raw", "*:S AmneziaWG/awg0", "-t", time)
+            .redirectErrorStream(true)
+            .start()
+            .inputStream.reader().readText()
+
     protected open fun parseConfig(config: JSONObject): WireguardConfig {
-        val configDataJson = config.getJSONObject("wireguard_config_data")
-        val configData = parseConfigData(configDataJson.getString("config"))
+        val configData = config.getJSONObject("wireguard_config_data")
         return WireguardConfig.build {
-            configWireguard(configData, configDataJson)
+            configWireguard(config, configData)
             configSplitTunneling(config)
             configAppSplitTunneling(config)
         }
     }
 
-    protected fun WireguardConfig.Builder.configWireguard(configData: Map<String, String>, configDataJson: JSONObject) {
-        configData["Address"]?.split(",")?.map { address ->
+    protected fun WireguardConfig.Builder.configWireguard(config: JSONObject, configData: JSONObject) {
+        configData.getString("client_ip").split(",").map { address ->
             InetNetwork.parse(address.trim())
-        }?.forEach(::addAddress)
+        }.forEach(::addAddress)
 
-        configData["DNS"]?.split(",")?.map { dns ->
-            parseInetAddress(dns.trim())
-        }?.forEach(::addDnsServer)
+        config.optStringOrNull("dns1")?.let { dns ->
+            addDnsServer(parseInetAddress(dns.trim()))
+        }
+
+        config.optStringOrNull("dns2")?.let { dns ->
+            addDnsServer(parseInetAddress(dns.trim()))
+        }
 
         val defRoutes = hashSetOf(
             InetNetwork("0.0.0.0", 0),
             InetNetwork("::", 0)
         )
         val routes = hashSetOf<InetNetwork>()
-        configData["AllowedIPs"]?.split(",")?.map { route ->
+        configData.getJSONArray("allowed_ips").asSequence<String>().map { route ->
             InetNetwork.parse(route.trim())
-        }?.forEach(routes::add)
+        }.forEach(routes::add)
         // if the allowed IPs list contains at least one non-default route, disable global split tunneling
         if (routes.any { it !in defRoutes }) disableSplitTunneling()
         addRoutes(routes)
 
-        configDataJson.optString("mtu").let { mtu ->
-            if (mtu.isNotEmpty()) {
-                setMtu(mtu.toInt())
-            } else {
-                configData["MTU"]?.let { setMtu(it.toInt()) }
-            }
-        }
+        configData.optStringOrNull("mtu")?.let { setMtu(it.toInt()) }
 
-        configData["Endpoint"]?.let { setEndpoint(InetEndpoint.parse(it)) }
-        configData["PersistentKeepalive"]?.let { setPersistentKeepalive(it.toInt()) }
-        configData["PrivateKey"]?.let { setPrivateKeyHex(it.base64ToHex()) }
-        configData["PublicKey"]?.let { setPublicKeyHex(it.base64ToHex()) }
-        configData["PresharedKey"]?.let { setPreSharedKeyHex(it.base64ToHex()) }
-    }
+        val host = configData.getString("hostName").let { parseInetAddress(it.trim()) }
+        val port = configData.getInt("port")
+        setEndpoint(InetEndpoint(host, port))
 
-    protected fun parseConfigData(data: String): Map<String, String> {
-        val parsedData = TreeMap<String, String>(String.CASE_INSENSITIVE_ORDER)
-        data.lineSequence()
-            .filter { it.isNotEmpty() && !it.startsWith('[') }
-            .forEach { line ->
-                val attr = line.split("=", limit = 2)
-                parsedData[attr.first().trim()] = attr.last().trim()
-            }
-        return parsedData
+        configData.optStringOrNull("persistent_keep_alive")?.let { setPersistentKeepalive(it.toInt()) }
+        configData.getString("client_priv_key").let { setPrivateKeyHex(it.base64ToHex()) }
+        configData.getString("server_pub_key").let { setPublicKeyHex(it.base64ToHex()) }
+        configData.optStringOrNull("psk_key")?.let { setPreSharedKeyHex(it.base64ToHex()) }
     }
 
     private fun start(config: WireguardConfig, vpnBuilder: Builder, protect: (Int) -> Boolean) {

client/android/xray/build.gradle.kts

@@ -0,0 +1,19 @@
+plugins {
+    id(libs.plugins.android.library.get().pluginId)
+    id(libs.plugins.kotlin.android.get().pluginId)
+}
+
+kotlin {
+    jvmToolchain(17)
+}
+
+android {
+    namespace = "org.amnezia.vpn.protocol.xray"
+}
+
+dependencies {
+    compileOnly(project(":utils"))
+    compileOnly(project(":protocolApi"))
+    implementation(project(":xray:libXray"))
+    implementation(libs.kotlinx.coroutines)
+}

client/android/xray/libXray/build.gradle.kts

@@ -0,0 +1,6 @@
+@file:Suppress("UnstableApiUsage")
+
+configurations {
+    maybeCreate("default")
+}
+artifacts.add("default", file("libxray.aar"))

client/android/xray/src/main/kotlin/Xray.kt

@@ -0,0 +1,176 @@
+package org.amnezia.vpn.protocol.xray
+
+import android.content.Context
+import android.net.VpnService.Builder
+import java.io.File
+import java.io.IOException
+import go.Seq
+import org.amnezia.vpn.protocol.BadConfigException
+import org.amnezia.vpn.protocol.Protocol
+import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
+import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
+import org.amnezia.vpn.protocol.Statistics
+import org.amnezia.vpn.protocol.VpnStartException
+import org.amnezia.vpn.protocol.xray.libXray.DialerController
+import org.amnezia.vpn.protocol.xray.libXray.LibXray
+import org.amnezia.vpn.protocol.xray.libXray.Logger
+import org.amnezia.vpn.protocol.xray.libXray.Tun2SocksConfig
+import org.amnezia.vpn.util.Log
+import org.amnezia.vpn.util.net.InetNetwork
+import org.amnezia.vpn.util.net.parseInetAddress
+import org.json.JSONObject
+
+private const val TAG = "Xray"
+private const val LIBXRAY_TAG = "libXray"
+
+class Xray : Protocol() {
+
+    private var isRunning: Boolean = false
+    override val statistics: Statistics = Statistics.EMPTY_STATISTICS
+
+    override fun internalInit() {
+        Seq.setContext(context)
+        if (!isInitialized) {
+            LibXray.initLogger(object : Logger {
+                override fun warning(s: String) = Log.w(LIBXRAY_TAG, s)
+
+                override fun error(s: String) = Log.e(LIBXRAY_TAG, s)
+
+                override fun write(msg: ByteArray): Long {
+                    Log.w(LIBXRAY_TAG, String(msg))
+                    return msg.size.toLong()
+                }
+            }).isNotNullOrBlank { err ->
+                Log.w(TAG, "Failed to initialize logger: $err")
+            }
+        }
+    }
+
+    override suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
+        if (isRunning) {
+            Log.w(TAG, "XRay already running")
+            return
+        }
+
+        val xrayJsonConfig = config.optJSONObject("xray_config_data")
+            ?: config.optJSONObject("ssxray_config_data")
+            ?: throw BadConfigException("config_data not found")
+        val xrayConfig = parseConfig(config, xrayJsonConfig)
+
+        (xrayJsonConfig.optJSONObject("log") ?: JSONObject().also { xrayJsonConfig.put("log", it) })
+            .put("loglevel", "warning")
+            .put("access", "none") // disable access log
+
+        start(xrayConfig, xrayJsonConfig.toString(), vpnBuilder, protect)
+        state.value = CONNECTED
+        isRunning = true
+    }
+
+    private fun parseConfig(config: JSONObject, xrayJsonConfig: JSONObject): XrayConfig {
+        return XrayConfig.build {
+            addAddress(XrayConfig.DEFAULT_IPV4_ADDRESS)
+
+            config.optString("dns1").let {
+                if (it.isNotBlank()) addDnsServer(parseInetAddress(it))
+            }
+
+            config.optString("dns2").let {
+                if (it.isNotBlank()) addDnsServer(parseInetAddress(it))
+            }
+
+            addRoute(InetNetwork("0.0.0.0", 0))
+            addRoute(InetNetwork("2000::0", 3))
+            config.getString("hostName").let {
+                excludeRoute(InetNetwork(it, 32))
+            }
+
+            config.optString("mtu").let {
+                if (it.isNotBlank()) setMtu(it.toInt())
+            }
+
+            val socksConfig = xrayJsonConfig.getJSONArray("inbounds")[0] as JSONObject
+            socksConfig.getInt("port").let { setSocksPort(it) }
+
+            configSplitTunneling(config)
+            configAppSplitTunneling(config)
+        }
+    }
+
+    private fun start(config: XrayConfig, configJson: String, vpnBuilder: Builder, protect: (Int) -> Boolean) {
+        buildVpnInterface(config, vpnBuilder)
+
+        DialerController { protect(it.toInt()) }.also {
+            LibXray.registerDialerController(it).isNotNullOrBlank { err ->
+                throw VpnStartException("Failed to register dialer controller: $err")
+            }
+            LibXray.registerListenerController(it).isNotNullOrBlank { err ->
+                throw VpnStartException("Failed to register listener controller: $err")
+            }
+        }
+
+        vpnBuilder.establish().use { tunFd ->
+            if (tunFd == null) {
+                throw VpnStartException("Create VPN interface: permission not granted or revoked")
+            }
+            Log.d(TAG, "Run tun2Socks")
+            runTun2Socks(config, tunFd.detachFd())
+
+            Log.d(TAG, "Run XRay")
+            Log.i(TAG, "xray ${LibXray.xrayVersion()}")
+            val assetsPath = context.getDir("assets", Context.MODE_PRIVATE).absolutePath
+            LibXray.initXray(assetsPath)
+            val geoDir = File(assetsPath, "geo").absolutePath
+            val configPath = File(context.cacheDir, "config.json")
+            Log.d(TAG, "xray.location.asset: $geoDir")
+            Log.d(TAG, "config: $configPath")
+            try {
+                configPath.writeText(configJson)
+            } catch (e: IOException) {
+                LibXray.stopTun2Socks()
+                throw VpnStartException("Failed to write xray config: ${e.message}")
+            }
+            LibXray.runXray(geoDir, configPath.absolutePath, config.maxMemory).isNotNullOrBlank { err ->
+                LibXray.stopTun2Socks()
+                throw VpnStartException("Failed to start xray: $err")
+            }
+        }
+    }
+
+    override fun stopVpn() {
+        LibXray.stopXray().isNotNullOrBlank { err ->
+            Log.e(TAG, "Failed to stop XRay: $err")
+        }
+        LibXray.stopTun2Socks().isNotNullOrBlank { err ->
+            Log.e(TAG, "Failed to stop tun2Socks: $err")
+        }
+
+        isRunning = false
+        state.value = DISCONNECTED
+    }
+
+    override fun reconnectVpn(vpnBuilder: Builder) {
+        state.value = CONNECTED
+    }
+
+    private fun runTun2Socks(config: XrayConfig, fd: Int) {
+        val tun2SocksConfig = Tun2SocksConfig().apply {
+            mtu = config.mtu.toLong()
+            proxy = "socks5://127.0.0.1:${config.socksPort}"
+            device = "fd://$fd"
+            logLevel = "warning"
+        }
+        LibXray.startTun2Socks(tun2SocksConfig, fd.toLong()).isNotNullOrBlank { err ->
+            throw VpnStartException("Failed to start tun2socks: $err")
+        }
+    }
+
+    companion object {
+        val instance: Xray by lazy { Xray() }
+    }
+}
+
+private fun String?.isNotNullOrBlank(block: (String) -> Unit) {
+    if (!this.isNullOrBlank()) {
+        block(this)
+    }
+}

client/android/xray/src/main/kotlin/XrayConfig.kt

@@ -0,0 +1,42 @@
+package org.amnezia.vpn.protocol.xray
+
+import org.amnezia.vpn.protocol.ProtocolConfig
+import org.amnezia.vpn.util.net.InetNetwork
+
+private const val XRAY_DEFAULT_MTU = 1500
+private const val XRAY_DEFAULT_MAX_MEMORY: Long = 50 shl 20 // 50 MB
+
+class XrayConfig protected constructor(
+    protocolConfigBuilder: ProtocolConfig.Builder,
+    val socksPort: Int,
+    val maxMemory: Long,
+) : ProtocolConfig(protocolConfigBuilder) {
+
+    protected constructor(builder: Builder) : this(
+        builder,
+        builder.socksPort,
+        builder.maxMemory
+    )
+
+    class Builder : ProtocolConfig.Builder(false) {
+        internal var socksPort: Int = 0
+            private set
+
+        internal var maxMemory: Long = XRAY_DEFAULT_MAX_MEMORY
+            private set
+
+        override var mtu: Int = XRAY_DEFAULT_MTU
+
+        fun setSocksPort(port: Int) = apply { socksPort = port }
+
+        fun setMaxMemory(maxMemory: Long) = apply { this.maxMemory = maxMemory }
+
+        override fun build(): XrayConfig = configBuild().run { XrayConfig(this@Builder) }
+    }
+
+    companion object {
+        internal val DEFAULT_IPV4_ADDRESS: InetNetwork = InetNetwork("10.0.42.2", 30)
+
+        inline fun build(block: Builder.() -> Unit): XrayConfig = Builder().apply(block).build()
+    }
+}

client/cmake/3rdparty.cmake

@@ -8,9 +8,9 @@ endif()
 
 add_subdirectory(${CLIENT_ROOT_DIR}/3rd/SortFilterProxyModel)
 set(LIBS ${LIBS} SortFilterProxyModel)
+include(${CLIENT_ROOT_DIR}/cmake/QSimpleCrypto.cmake)
 
 include(${CLIENT_ROOT_DIR}/3rd/qrcodegen/qrcodegen.cmake)
-include(${CLIENT_ROOT_DIR}/3rd/QSimpleCrypto/QSimpleCrypto.cmake)
 
 set(LIBSSH_ROOT_DIR "${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/libssh/")
 set(OPENSSL_ROOT_DIR "${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/openssl/")
@@ -83,13 +83,12 @@ set(BUILD_WITH_QT6 ON)
 add_subdirectory(${CLIENT_ROOT_DIR}/3rd/qtkeychain)
 set(LIBS ${LIBS} qt6keychain)
 
-
 include_directories(
     ${OPENSSL_INCLUDE_DIR}
     ${LIBSSH_INCLUDE_DIR}/include
     ${LIBSSH_ROOT_DIR}/include
     ${CLIENT_ROOT_DIR}/3rd/libssh/include
-    ${CLIENT_ROOT_DIR}/3rd/QSimpleCrypto/include
+    ${CLIENT_ROOT_DIR}/3rd/QSimpleCrypto/src/include
     ${CLIENT_ROOT_DIR}/3rd/qtkeychain/qtkeychain
     ${CMAKE_CURRENT_BINARY_DIR}/3rd/qtkeychain
     ${CMAKE_CURRENT_BINARY_DIR}/3rd/libssh/include

client/cmake/QSimpleCrypto.cmake

@@ -0,0 +1,21 @@
+set(CLIENT_ROOT_DIR ${CMAKE_CURRENT_LIST_DIR}/..)
+set(QSIMPLECRYPTO_DIR ${CLIENT_ROOT_DIR}/3rd/QSimpleCrypto/src)
+
+include_directories(${QSIMPLECRYPTO_DIR})
+
+set(HEADERS ${HEADERS}
+    ${QSIMPLECRYPTO_DIR}/include/QAead.h
+    ${QSIMPLECRYPTO_DIR}/include/QBlockCipher.h
+    ${QSIMPLECRYPTO_DIR}/include/QRsa.h
+    ${QSIMPLECRYPTO_DIR}/include/QSimpleCrypto_global.h
+    ${QSIMPLECRYPTO_DIR}/include/QX509.h
+    ${QSIMPLECRYPTO_DIR}/include/QX509Store.h
+)
+
+set(SOURCES ${SOURCES}
+    ${QSIMPLECRYPTO_DIR}/sources/QAead.cpp
+    ${QSIMPLECRYPTO_DIR}/sources/QBlockCipher.cpp
+    ${QSIMPLECRYPTO_DIR}/sources/QRsa.cpp
+    ${QSIMPLECRYPTO_DIR}/sources/QX509.cpp
+    ${QSIMPLECRYPTO_DIR}/sources/QX509Store.cpp
+)

client/cmake/android.cmake

@@ -27,7 +27,6 @@ link_directories(${CMAKE_CURRENT_SOURCE_DIR}/platforms/android)
 set(HEADERS ${HEADERS}
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_controller.h
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_utils.h
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/authResultReceiver.h
     ${CMAKE_CURRENT_SOURCE_DIR}/protocols/android_vpnprotocol.h
     ${CMAKE_CURRENT_SOURCE_DIR}/core/installedAppsImageProvider.h
 )
@@ -35,7 +34,6 @@ set(HEADERS ${HEADERS}
 set(SOURCES ${SOURCES}
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_controller.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_utils.cpp
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/authResultReceiver.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/protocols/android_vpnprotocol.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/core/installedAppsImageProvider.cpp
 )
@@ -52,3 +50,6 @@ foreach(abi IN ITEMS ${QT_ANDROID_ABIS})
         ${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/libssh/android/${abi}/libssh.so
     )
 endforeach()
+
+file(COPY ${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/xray/android/libxray.aar
+        DESTINATION ${CMAKE_CURRENT_SOURCE_DIR}/android/xray/libXray)

client/cmake/ios.cmake

@@ -46,7 +46,6 @@ set(SOURCES ${SOURCES}
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosglue.mm
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QRCodeReaderBase.mm
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QtAppDelegate.mm
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/MobileUtils.mm
 )
 
 

client/configurators/openvpn_configurator.cpp

@@ -119,18 +119,21 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(const QPair<QString,
         
         if (!m_settings->isSitesSplitTunnelingEnabled()) {
             config.append("\nredirect-gateway def1 ipv6 bypass-dhcp\n");
+
+#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
             // Prevent ipv6 leak
             config.append("ifconfig-ipv6 fd15:53b6:dead::2/64  fd15:53b6:dead::1\n");
+#endif
             config.append("block-ipv6\n");
         } else if (m_settings->routeMode() == Settings::VpnOnlyForwardSites) {
 
             // no redirect-gateway
         } else if (m_settings->routeMode() == Settings::VpnAllExceptSites) {
-#ifndef Q_OS_ANDROID
+#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
             config.append("\nredirect-gateway ipv6 !ipv4 bypass-dhcp\n");
-#endif
             // Prevent ipv6 leak
             config.append("ifconfig-ipv6 fd15:53b6:dead::2/64  fd15:53b6:dead::1\n");
+#endif
             config.append("block-ipv6\n");
         }
     }