Merge pull request #784 from grote/check-storage

Test for free space and allow 0 response

.cirrus.yml

@@ -0,0 +1,66 @@
+container:
+  image: ghcr.io/cirruslabs/android-sdk:34
+  kvm: true
+  cpu: 8
+  memory: 16G
+
+instrumentation_tests_task:
+  name: "Cirrus CI Instrumentation Tests"
+  start_avd_background_script:
+    sdkmanager --install "system-images;android-34;default;x86_64" "emulator";
+    echo no | avdmanager create avd -n seedvault -k "system-images;android-34;default;x86_64";
+    $ANDROID_HOME/emulator/emulator
+    -avd seedvault
+    -no-audio
+    -no-boot-anim
+    -gpu swiftshader_indirect
+    -no-snapshot
+    -no-window
+    -writable-system;
+  provision_avd_background_script:
+    wget https://github.com/seedvault-app/seedvault-test-data/releases/download/3/backup.tar.gz;
+
+    adb wait-for-device shell 'while [[ -z $(getprop sys.boot_completed) ]]; do sleep 1; done;';
+    adb root;
+    sleep 5;
+    adb remount;
+    adb reboot;
+    adb wait-for-device shell 'while [[ -z $(getprop sys.boot_completed) ]]; do sleep 1; done;';
+    adb root;
+    sleep 5;
+    adb remount;
+    sleep 5;
+  assemble_script:
+    ./gradlew :app:assembleRelease :contacts:assembleRelease assembleAndroidTest
+  install_app_script:
+    timeout 180s bash -c 'while [[ -z $(adb shell mount | grep "/system " | grep "(rw,") ]]; do sleep 1; done;';
+    adb wait-for-device shell 'while [[ -z $(getprop sys.boot_completed) ]]; do sleep 1; done;';
+
+    adb shell mkdir -p /sdcard/seedvault_baseline;
+    adb push backup.tar.gz /sdcard/seedvault_baseline/backup.tar.gz;
+    adb shell tar xzf /sdcard/seedvault_baseline/backup.tar.gz --directory=/sdcard/seedvault_baseline;
+
+    adb shell mkdir -p /system/priv-app/Seedvault;
+    adb push app/build/outputs/apk/release/app-release.apk /system/priv-app/Seedvault/Seedvault.apk;
+    adb push permissions_com.stevesoltys.seedvault.xml /system/etc/permissions/privapp-permissions-seedvault.xml;
+    adb push allowlist_com.stevesoltys.seedvault.xml /system/etc/sysconfig/allowlist-seedvault.xml;
+
+    adb shell mkdir -p /system/priv-app/ContactsBackup;
+    adb push contactsbackup/build/outputs/apk/release/contactsbackup-release.apk /system/priv-app/ContactsBackup/contactsbackup.apk;
+    adb push contactsbackup/default-permissions_org.calyxos.backup.contacts.xml /system/etc/default-permissions/default-permissions_org.calyxos.backup.contacts.xml;
+
+    adb shell bmgr enable true;
+    adb reboot;
+    adb wait-for-device shell 'while [[ -z $(getprop sys.boot_completed) ]]; do sleep 1; done;';
+    adb shell bmgr transport com.stevesoltys.seedvault.transport.ConfigurableBackupTransport;
+    adb reboot;
+    adb wait-for-device shell 'while [[ -z $(getprop sys.boot_completed) ]]; do sleep 1; done;';
+  run_large_tests_script: ./gradlew -Pandroid.testInstrumentationRunnerArguments.size=large :app:connectedAndroidTest
+  run_other_tests_script: ./gradlew -Pandroid.testInstrumentationRunnerArguments.notAnnotation=androidx.test.filters.LargeTest connectedAndroidTest
+  always:
+    pull_screenshots_script:
+      adb pull /sdcard/seedvault_test_results
+    screenshots_artifacts:
+      path: "seedvault_test_results/**/*.mp4"
+    logcat_artifacts:
+      path: "seedvault_test_results/**/*.log"

.github/scripts/build_aosp.sh

@@ -0,0 +1,97 @@
+#!/usr/bin/env bash
+#
+# SPDX-FileCopyrightText: 2023 The Calyx Institute
+# SPDX-License-Identifier: Apache-2.0
+#
+
+export DEBIAN_FRONTEND=noninteractive
+
+apt-get update
+apt-get install -y git-core gnupg flex bison build-essential zip curl zlib1g-dev  \
+    libc6-dev-i386 libncurses5 x11proto-core-dev libx11-dev lib32z1-dev libgl1-mesa-dev  \
+    libxml2-utils xsltproc unzip fontconfig python3 npm pip e2fsprogs python3-protobuf \
+    fonts-dejavu diffutils rsync ccache
+
+npm install --global yarn
+
+mkdir -p ~/bin
+curl https://storage.googleapis.com/git-repo-downloads/repo > ~/bin/repo
+chmod a+x ~/bin/repo
+ln -s /usr/bin/python3 /usr/bin/python
+export PATH=~/bin:$PATH
+
+set -e
+
+retry() {
+  set +e
+  local max_attempts=${ATTEMPTS-5}
+  local timeout=${TIMEOUT-1}
+  local attempt=0
+  local exitCode=0
+
+  while [[ $attempt < $max_attempts ]]
+  do
+    "$@"
+    exitCode=$?
+
+    if [[ $exitCode == 0 ]]
+    then
+      break
+    fi
+
+    echo "Failure! Retrying ($*) in $timeout.."
+    sleep "${timeout}"
+    attempt=$(( attempt + 1 ))
+    timeout=$(( timeout * 2 ))
+  done
+
+  if [[ $exitCode != 0 ]]
+  then
+    echo "Failed too many times! ($*)"
+  fi
+
+  set -e
+
+  return $exitCode
+}
+
+DEVICE=$1
+RELEASE=$2
+TARGET=$3
+BRANCH=$4
+
+git config --global user.email "seedvault@example.com"
+git config --global user.name "Seedvault CI"
+
+retry curl https://storage.googleapis.com/git-repo-downloads/repo > ~/bin/repo
+chmod a+x ~/bin/repo
+
+mkdir -p /aosp
+cd /aosp
+retry yes | repo init -u https://android.googlesource.com/platform/manifest -b "$BRANCH" --depth=1
+
+mkdir -p .repo/local_manifests
+cat << EOF > .repo/local_manifests/seedvault.xml
+<?xml version="1.0" encoding="UTF-8"?>
+<manifest>
+
+  <remote name="seedvault"
+          fetch="https://github.com/$CIRRUS_REPO_OWNER" />
+
+  <project name="seedvault" path="external/seedvault"
+          revision="$CIRRUS_CHANGE_IN_REPO" remote="$CIRRUS_REPO_NAME" />
+
+</manifest>
+EOF
+
+retry repo sync -c -j8 --fail-fast --force-sync
+
+# Cirrus CI seems to (possibly) reschedule tasks that aren't sending out logs for a while?
+while true; do echo "Still building..."; sleep 30; done &
+
+source build/envsetup.sh
+lunch $DEVICE-$RELEASE-$TARGET
+m -j1 nothing
+m -j2 Seedvault
+
+mv /aosp/out/target/product/generic_arm64/system/system_ext/priv-app/Seedvault/Seedvault.apk "$CIRRUS_WORKING_DIR"

.github/scripts/run_tests.sh

@@ -0,0 +1,31 @@
+#
+# SPDX-FileCopyrightText: 2023 The Calyx Institute
+# SPDX-License-Identifier: Apache-2.0
+#
+
+echo "Disable auto-restore"
+adb shell bmgr autorestore false
+
+echo "Installing Seedvault app..."
+./gradlew --stacktrace :app:installDebugAndroidTest
+sleep 60
+
+large_test_exit_code=0
+./gradlew --stacktrace -Pinstrumented_test_size=large :app:connectedAndroidTest || large_test_exit_code=$?
+
+adb pull /sdcard/seedvault_test_results
+
+if [ "$large_test_exit_code" -ne 0 ]; then
+    echo 'Large tests failed.'
+    exit 1
+fi
+
+medium_test_exit_code=0
+./gradlew --stacktrace -Pinstrumented_test_size=medium :app:connectedAndroidTest || medium_test_exit_code=$?
+
+if [ "$medium_test_exit_code" -ne 0 ]; then
+    echo 'Medium tests failed.'
+    exit 1
+fi
+
+exit 0

.github/workflows/build.yml

@@ -0,0 +1,61 @@
+name: Build
+on: [ push, pull_request ]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+  actions: read
+  checks: write
+
+jobs:
+  build:
+    name: Build
+
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout the code
+        uses: actions/checkout@v3
+
+      - name: Android build cache
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.android/build-cache
+          key: ${{ runner.os }}-android
+          restore-keys: ${{ runner.os }}-android
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'corretto'
+          java-version: 17
+          cache: 'gradle'
+
+      - name: Validate Gradle Wrapper
+        uses: gradle/actions/wrapper-validation@v3
+
+      - name: Build
+        env:
+          NEXTCLOUD_URL: ${{ vars.NEXTCLOUD_URL }}
+          NEXTCLOUD_USER: ${{ secrets.NEXTCLOUD_USER }}
+          NEXTCLOUD_PASS: ${{ secrets.NEXTCLOUD_PASS }}
+        run: ./gradlew compileDebugAndroidTestSources check assemble ktlintCheck
+
+      - name: Upload APKs
+        uses: actions/upload-artifact@v3
+        with:
+          name: seedvault-${{ github.sha }}-apks
+          path: |
+            app/build/outputs/apk/debug/app-debug.apk
+            contactsbackup/build/outputs/apk/debug/contactsbackup-debug.apk
+            storage/demo/build/outputs/apk/debug/demo-debug.apk
+
+      - name: Publish Test Report
+        uses: mikepenz/action-junit-report@v4
+        if: success() || failure()
+        with:
+          report_paths: '**/build/test-results/**/TEST-*.xml'
+

.github/workflows/client.yml

@@ -1,35 +0,0 @@
-name: Build
-on: [push, pull_request]
-
-jobs:
-  build:
-    name: Build
-
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v1
-
-      - name: Gradle dependency cache
-        uses: actions/cache@v2
-        with:
-          path: |
-            ~/.gradle/caches
-            ~/.gradle/wrapper
-          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}
-          restore-keys: ${{ runner.os }}-gradle-
-
-      - name: Android build cache
-        uses: actions/cache@v2
-        with:
-          path: |
-            ~/.android/build-cache
-          key: ${{ runner.os }}-android
-          restore-keys: ${{ runner.os }}-android
-
-      - name: Set up JDK 11
-        uses: actions/setup-java@v1
-        with:
-          java-version: 11
-
-      - name: Build
-        run: ./gradlew compileDebugAndroidTestSources check assemble ktlintCheck

.github/workflows/test.yml

@@ -0,0 +1,62 @@
+name: Run instrumentation tests
+
+on:
+  push:
+    branches:
+      - android*
+  pull_request:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  instrumentation_tests:
+    runs-on: macos-12
+    if: github.repository == 'seedvault-app/seedvault'
+    timeout-minutes: 80
+    strategy:
+      fail-fast: false
+      matrix:
+        android_target: [ 34 ]
+        emulator_type: [ aosp_atd ]
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+
+      - uses: actions/setup-java@v3
+        with:
+          distribution: 'adopt'
+          java-version: '17'
+          cache: 'gradle'
+
+      - name: Build Release APK
+        run: ./gradlew :app:assembleRelease
+
+      - name: Assemble tests
+        run: ./gradlew :app:assembleAndroidTest
+
+      - name: Run tests
+        uses: Wandalen/wretry.action@v1.3.0
+        with:
+          attempt_limit: 1
+          action: reactivecircus/android-emulator-runner@v2
+          with: |
+            api-level: ${{ matrix.android_target }}
+            target: ${{ matrix.emulator_type }}
+            arch: x86_64
+            force-avd-creation: true
+            emulator-options: -cores 2 -writable-system -no-snapshot-load -no-snapshot-save -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none
+            disk-size: '14G'
+            sdcard-path-or-size: '4096M'
+            disable-animations: true
+            script: |
+              ./app/development/scripts/provision_emulator.sh "test" "system-images;android-${{ matrix.android_target }};${{ matrix.emulator_type }};x86_64"
+              ./.github/scripts/run_tests.sh
+
+      - name: Upload test results
+        if: always()
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ matrix.emulator_type }}-${{ matrix.android_target }}-results
+          path: seedvault_test_results/**/*

.gitignore

@@ -6,12 +6,18 @@ hs_err_pid*
 
 ## Intellij
 out/
+build/
+storage/build/
+contactsbackup/build/
 /lib/
 .idea/*
 !.idea/runConfigurations*
 !.idea/inspectionProfiles*
 !.idea/codeStyles*
+!.idea/copyright*
 !.idea/dictionaries*
+!.idea/scopes*
+!.idea/.name
 *.ipr
 *.iws
 *.iml

.idea/.name

@@ -0,0 +1 @@
+Seedvault

.idea/codeStyles/Project.xml

@@ -1,11 +1,7 @@
 <component name="ProjectCodeStyleConfiguration">
   <code_scheme name="Project" version="173">
     <JetCodeStyleSettings>
-      <option name="PACKAGES_TO_USE_STAR_IMPORTS">
-        <value />
-      </option>
-      <option name="NAME_COUNT_TO_USE_STAR_IMPORT" value="2147483647" />
-      <option name="NAME_COUNT_TO_USE_STAR_IMPORT_FOR_MEMBERS" value="2147483647" />
+      <option name="LINE_BREAK_AFTER_MULTILINE_WHEN_ENTRY" value="false" />
       <option name="CODE_STYLE_DEFAULTS" value="KOTLIN_OFFICIAL" />
     </JetCodeStyleSettings>
     <codeStyleSettings language="XML">

.idea/copyright/Apache_2_0.xml

@@ -0,0 +1,6 @@
+<component name="CopyrightManager">
+  <copyright>
+    <option name="notice" value="SPDX-FileCopyrightText: &amp;#36;today.year The Calyx Institute&#10;SPDX-License-Identifier: Apache-2.0" />
+    <option name="myName" value="Apache-2.0" />
+  </copyright>
+</component>

.idea/copyright/profiles_settings.xml

@@ -0,0 +1,13 @@
+<component name="CopyrightManager">
+  <settings default="Apache-2.0">
+    <module2copyright>
+      <element module="Kotlin Files" copyright="Apache-2.0" />
+      <element module="XML Files" copyright="Apache-2.0" />
+    </module2copyright>
+    <LanguageOptions name="XML">
+      <option name="fileTypeOverride" value="3" />
+      <option name="addBlankAfter" value="false" />
+      <option name="prefixLines" value="false" />
+    </LanguageOptions>
+  </settings>
+</component>

.idea/dictionaries/user.xml

@@ -3,9 +3,11 @@
     <words>
       <w>apk</w>
       <w>chunker</w>
+      <w>davx</w>
       <w>ejectable</w>
       <w>hasher</w>
       <w>hkdf</w>
+      <w>launchable</w>
       <w>restorable</w>
       <w>seedvault</w>
       <w>snowden</w>

.idea/runConfigurations.xml

@@ -1,13 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="RunConfigurationProducerService">
-    <option name="ignoredProducers">
-      <set>
-        <option value="com.android.tools.idea.compose.preview.runconfiguration.ComposePreviewRunConfigurationProducer" />
-        <option value="org.jetbrains.plugins.gradle.execution.test.runner.AllInPackageGradleConfigurationProducer" />
-        <option value="org.jetbrains.plugins.gradle.execution.test.runner.TestClassGradleConfigurationProducer" />
-        <option value="org.jetbrains.plugins.gradle.execution.test.runner.TestMethodGradleConfigurationProducer" />
-      </set>
-    </option>
-  </component>
-</project>

.idea/runConfigurations/Instrumentation_tests__app.xml

@@ -1,6 +1,6 @@
 <component name="ProjectRunConfigurationManager">
   <configuration default="false" name="Instrumentation tests: app" type="AndroidTestRunConfigurationType" factoryName="Android Instrumented Tests" singleton="true">
-    <module name="seedvault.app" />
+    <module name="seedvault.app.androidTest" />
     <option name="TESTING_TYPE" value="0" />
     <option name="METHOD_NAME" value="" />
     <option name="CLASS_NAME" value="" />
@@ -8,10 +8,12 @@
     <option name="INSTRUMENTATION_RUNNER_CLASS" value="" />
     <option name="EXTRA_OPTIONS" value="-e notAnnotation androidx.test.filters.LargeTest" />
     <option name="INCLUDE_GRADLE_EXTRA_OPTIONS" value="true" />
+    <option name="RETENTION_ENABLED" value="No" />
+    <option name="RETENTION_MAX_SNAPSHOTS" value="2" />
+    <option name="RETENTION_COMPRESS_SNAPSHOTS" value="false" />
     <option name="CLEAR_LOGCAT" value="false" />
     <option name="SHOW_LOGCAT_AUTOMATICALLY" value="false" />
-    <option name="SKIP_NOOP_APK_INSTALLATIONS" value="true" />
-    <option name="FORCE_STOP_RUNNING_APP" value="true" />
+    <option name="INSPECTION_WITHOUT_ACTIVITY_RESTART" value="false" />
     <option name="TARGET_SELECTION_MODE" value="DEVICE_AND_SNAPSHOT_COMBO_BOX" />
     <option name="DEBUGGER_TYPE" value="Auto" />
     <Auto>
@@ -40,7 +42,7 @@
       <option name="ADVANCED_PROFILING_ENABLED" value="false" />
       <option name="STARTUP_PROFILING_ENABLED" value="false" />
       <option name="STARTUP_CPU_PROFILING_ENABLED" value="false" />
-      <option name="STARTUP_CPU_PROFILING_CONFIGURATION_NAME" value="Sample Java Methods" />
+      <option name="STARTUP_CPU_PROFILING_CONFIGURATION_NAME" value="Callstack Sample" />
       <option name="STARTUP_NATIVE_MEMORY_PROFILING_ENABLED" value="false" />
       <option name="NATIVE_MEMORY_SAMPLE_RATE_BYTES" value="2048" />
     </Profilers>
@@ -48,4 +50,4 @@
       <option name="Android.Gradle.BeforeRunTask" enabled="true" />
     </method>
   </configuration>
-</component>
+</component>

.idea/runConfigurations/app.xml

@@ -0,0 +1,66 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="app" type="AndroidRunConfigurationType" factoryName="Android App" singleton="true">
+    <module name="seedvault.Seedvault.app.main" />
+    <option name="DEPLOY" value="true" />
+    <option name="DEPLOY_APK_FROM_BUNDLE" value="false" />
+    <option name="DEPLOY_AS_INSTANT" value="false" />
+    <option name="ARTIFACT_NAME" value="" />
+    <option name="PM_INSTALL_OPTIONS" value="" />
+    <option name="ALL_USERS" value="false" />
+    <option name="ALWAYS_INSTALL_WITH_PM" value="true" />
+    <option name="CLEAR_APP_STORAGE" value="false" />
+    <option name="DYNAMIC_FEATURES_DISABLED_LIST" value="" />
+    <option name="ACTIVITY_EXTRA_FLAGS" value="" />
+    <option name="MODE" value="default_activity" />
+    <option name="CLEAR_LOGCAT" value="false" />
+    <option name="SHOW_LOGCAT_AUTOMATICALLY" value="false" />
+    <option name="TARGET_SELECTION_MODE" value="DEVICE_AND_SNAPSHOT_COMBO_BOX" />
+    <option name="DEBUGGER_TYPE" value="Auto" />
+    <Auto>
+      <option name="USE_JAVA_AWARE_DEBUGGER" value="false" />
+      <option name="SHOW_STATIC_VARS" value="true" />
+      <option name="WORKING_DIR" value="" />
+      <option name="TARGET_LOGGING_CHANNELS" value="lldb process:gdb-remote packets" />
+      <option name="SHOW_OPTIMIZED_WARNING" value="true" />
+      <option name="ATTACH_ON_WAIT_FOR_DEBUGGER" value="false" />
+      <option name="DEBUG_SANDBOX_SDK" value="false" />
+    </Auto>
+    <Hybrid>
+      <option name="USE_JAVA_AWARE_DEBUGGER" value="false" />
+      <option name="SHOW_STATIC_VARS" value="true" />
+      <option name="WORKING_DIR" value="" />
+      <option name="TARGET_LOGGING_CHANNELS" value="lldb process:gdb-remote packets" />
+      <option name="SHOW_OPTIMIZED_WARNING" value="true" />
+      <option name="ATTACH_ON_WAIT_FOR_DEBUGGER" value="false" />
+      <option name="DEBUG_SANDBOX_SDK" value="false" />
+    </Hybrid>
+    <Java>
+      <option name="ATTACH_ON_WAIT_FOR_DEBUGGER" value="false" />
+      <option name="DEBUG_SANDBOX_SDK" value="false" />
+    </Java>
+    <Native>
+      <option name="USE_JAVA_AWARE_DEBUGGER" value="false" />
+      <option name="SHOW_STATIC_VARS" value="true" />
+      <option name="WORKING_DIR" value="" />
+      <option name="TARGET_LOGGING_CHANNELS" value="lldb process:gdb-remote packets" />
+      <option name="SHOW_OPTIMIZED_WARNING" value="true" />
+      <option name="ATTACH_ON_WAIT_FOR_DEBUGGER" value="false" />
+      <option name="DEBUG_SANDBOX_SDK" value="false" />
+    </Native>
+    <Profilers>
+      <option name="ADVANCED_PROFILING_ENABLED" value="false" />
+      <option name="STARTUP_PROFILING_ENABLED" value="false" />
+      <option name="STARTUP_CPU_PROFILING_ENABLED" value="false" />
+      <option name="STARTUP_CPU_PROFILING_CONFIGURATION_NAME" value="Java/Kotlin Method Sample (legacy)" />
+      <option name="STARTUP_NATIVE_MEMORY_PROFILING_ENABLED" value="false" />
+      <option name="NATIVE_MEMORY_SAMPLE_RATE_BYTES" value="2048" />
+    </Profilers>
+    <option name="DEEP_LINK" value="" />
+    <option name="ACTIVITY_CLASS" value="" />
+    <option name="SEARCH_ACTIVITY_IN_GLOBAL_SCOPE" value="false" />
+    <option name="SKIP_ACTIVITY_VALIDATION" value="false" />
+    <method v="2">
+      <option name="Android.Gradle.BeforeRunTask" enabled="true" />
+    </method>
+  </configuration>
+</component>

.idea/runConfigurations/app_emulator.xml

@@ -0,0 +1,68 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="app-emulator" type="AndroidRunConfigurationType" factoryName="Android App">
+    <module name="Seedvault.app.main" />
+    <option name="DEPLOY" value="false" />
+    <option name="DEPLOY_APK_FROM_BUNDLE" value="false" />
+    <option name="DEPLOY_AS_INSTANT" value="false" />
+    <option name="ARTIFACT_NAME" value="" />
+    <option name="PM_INSTALL_OPTIONS" value="" />
+    <option name="ALL_USERS" value="false" />
+    <option name="ALWAYS_INSTALL_WITH_PM" value="false" />
+    <option name="CLEAR_APP_STORAGE" value="false" />
+    <option name="ACTIVITY_EXTRA_FLAGS" value="" />
+    <option name="MODE" value="specific_activity" />
+    <option name="CLEAR_LOGCAT" value="false" />
+    <option name="SHOW_LOGCAT_AUTOMATICALLY" value="false" />
+    <option name="INSPECTION_WITHOUT_ACTIVITY_RESTART" value="false" />
+    <option name="TARGET_SELECTION_MODE" value="SHOW_DIALOG" />
+    <option name="SELECTED_CLOUD_MATRIX_CONFIGURATION_ID" value="-1" />
+    <option name="SELECTED_CLOUD_MATRIX_PROJECT_ID" value="" />
+    <option name="DEBUGGER_TYPE" value="Java" />
+    <Auto>
+      <option name="USE_JAVA_AWARE_DEBUGGER" value="false" />
+      <option name="SHOW_STATIC_VARS" value="true" />
+      <option name="WORKING_DIR" value="" />
+      <option name="TARGET_LOGGING_CHANNELS" value="lldb process:gdb-remote packets" />
+      <option name="SHOW_OPTIMIZED_WARNING" value="true" />
+      <option name="ATTACH_ON_WAIT_FOR_DEBUGGER" value="true" />
+      <option name="DEBUG_SANDBOX_SDK" value="false" />
+    </Auto>
+    <Hybrid>
+      <option name="USE_JAVA_AWARE_DEBUGGER" value="false" />
+      <option name="SHOW_STATIC_VARS" value="true" />
+      <option name="WORKING_DIR" value="" />
+      <option name="TARGET_LOGGING_CHANNELS" value="lldb process:gdb-remote packets" />
+      <option name="SHOW_OPTIMIZED_WARNING" value="true" />
+      <option name="ATTACH_ON_WAIT_FOR_DEBUGGER" value="false" />
+      <option name="DEBUG_SANDBOX_SDK" value="false" />
+    </Hybrid>
+    <Java>
+      <option name="ATTACH_ON_WAIT_FOR_DEBUGGER" value="true" />
+      <option name="DEBUG_SANDBOX_SDK" value="false" />
+    </Java>
+    <Native>
+      <option name="USE_JAVA_AWARE_DEBUGGER" value="false" />
+      <option name="SHOW_STATIC_VARS" value="true" />
+      <option name="WORKING_DIR" value="" />
+      <option name="TARGET_LOGGING_CHANNELS" value="lldb process:gdb-remote packets" />
+      <option name="SHOW_OPTIMIZED_WARNING" value="true" />
+      <option name="ATTACH_ON_WAIT_FOR_DEBUGGER" value="false" />
+      <option name="DEBUG_SANDBOX_SDK" value="false" />
+    </Native>
+    <Profilers>
+      <option name="ADVANCED_PROFILING_ENABLED" value="false" />
+      <option name="STARTUP_PROFILING_ENABLED" value="false" />
+      <option name="STARTUP_CPU_PROFILING_ENABLED" value="false" />
+      <option name="STARTUP_CPU_PROFILING_CONFIGURATION_NAME" value="Java/Kotlin Method Sample (legacy)" />
+      <option name="STARTUP_NATIVE_MEMORY_PROFILING_ENABLED" value="false" />
+      <option name="NATIVE_MEMORY_SAMPLE_RATE_BYTES" value="2048" />
+    </Profilers>
+    <option name="DEEP_LINK" value="" />
+    <option name="ACTIVITY_CLASS" value="com.stevesoltys.seedvault.settings.SettingsActivity" />
+    <option name="SEARCH_ACTIVITY_IN_GLOBAL_SCOPE" value="false" />
+    <option name="SKIP_ACTIVITY_VALIDATION" value="false" />
+    <method v="2">
+      <option name="Gradle.BeforeRunTask" enabled="false" tasks="installEmulatorRelease" externalProjectPath="$PROJECT_DIR$/app" vmOptions="" scriptParameters="" />
+    </method>
+  </configuration>
+</component>

.idea/scopes/Kotlin_Files.xml

@@ -0,0 +1,3 @@
+<component name="DependencyValidationManager">
+  <scope name="Kotlin Files" pattern="file[Seedvault.app]:*/*.kt" />
+</component>

.idea/scopes/XML_Files.xml

@@ -0,0 +1,3 @@
+<component name="DependencyValidationManager">
+  <scope name="XML Files" pattern="file[Seedvault.app]:*/*.xml" />
+</component>

.reuse/dep5

@@ -0,0 +1,72 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: Seedvault
+Upstream-Contact: The Calyx Institute
+Source: https://github.com/seedvault-app/seedvault
+
+Files: .github/workflows/build.yml
+       .github/workflows/client.yml
+       .github/workflows/test.yml
+       .gitignore
+       CHANGELOG.md README.md app/development/DEVELOPMENT.md
+Copyright: 2017-2020 Steve Soltys
+           2020 The Calyx Institute
+License: Apache-2.0
+
+Files: .cirrus.yml .editorconfig .idea/*
+       app/platform.jks app/development/platform.jks
+       app/src/main/res/values-*/strings.xml
+Copyright: 2020 The Calyx Institute
+License: Apache-2.0
+
+Files: libs/dav4jvm/dav4jvm-2.2.1.jar
+Copyright: 2024 bitfire web engineering
+License: MPL-2.0
+
+Files: libs/dav4jvm/okhttp-4.11.0.jar
+       libs/dav4jvm/okio-jvm-3.7.0.jar
+Copyright: 2024 Square, Inc.
+License: Apache-2.0
+
+Files: libs/koin-android/koin-android-3.2.0.aar
+       libs/koin-android/koin-core-jvm-3.2.0.jar
+Copyright: 2022 insert-koin.io
+License: Apache-2.0
+
+Files: libs/kotlin-bip39-jvm-1.0.6.jar
+Copyright: 2020 Zcash
+License: MIT
+
+Files: contactsbackup/*.gitignore contactsbackup/*.md
+       contactsbackup/src/main/res/values-*/strings.xml
+Copyright: 2020 The Calyx Institute
+License: Apache-2.0
+
+Files: contactsbackup/libs/com.android.vcard.jar
+Copyright: 2010 The Android Open Source Project
+License: Apache-2.0
+
+Files: storage/*.gitignore storage/*.md
+       storage/lib/src/main/proto/*.proto
+       storage/lib/src/main/res/values-*/strings.xml
+Copyright: 2021 The Calyx Institute
+License: Apache-2.0
+
+Files: storage/lib/libs/tink-android-1.10.0.jar
+Copyright: 2022 Google LLC
+License: Apache-2.0
+
+Files: storage/demo/src/main/assets/test.jpg
+Copyright: Toytoy at English Wikipedia
+License: CC-BY-SA-3.0
+
+Files: storage/demo/src/main/ic_launcher-playstore.png
+Copyright: Material Design Authors / Google LLC
+License: Apache-2.0
+
+Files: gradle/wrapper/*
+Copyright: 2007-2023 Gradle, Inc.
+License: Apache-2.0
+
+Files: gradlew*
+Copyright: 2007-2023 Gradle, Inc.
+License: Apache-2.0

Android.bp

@@ -1,17 +1,6 @@
 //
-// Copyright (C) 2018 The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
+// SPDX-FileCopyrightText: 2020 The Calyx Institute
+// SPDX-License-Identifier: Apache-2.0
 //
 
 android_app {
@@ -19,39 +8,63 @@ android_app {
     srcs: [
         "app/src/main/java/**/*.kt",
         "app/src/main/java/**/*.java",
+        "app/src/main/proto/*.proto",
+        // as of Android 15, there is no way to pass --kotlin_out to aprotoc compiler
+        "app/build/generated/source/proto/debug/kotlin/com/stevesoltys/seedvault/proto/*.kt",
     ],
     resource_dirs: [
         "app/src/main/res",
     ],
+    asset_dirs: [
+        "app/src/main/assets"
+    ],
+    proto: {
+        type: "lite",
+        local_include_dirs: ["app/src/main/proto"],
+    },
     static_libs: [
         "kotlin-stdlib-jdk8",
+        "libprotobuf-java-lite",
         "androidx.core_core-ktx",
+        "androidx.fragment_fragment-ktx",
+        "androidx.activity_activity-ktx",
         "androidx.preference_preference",
+        "androidx.documentfile_documentfile",
+        "androidx.work_work-runtime-ktx",
         "androidx.lifecycle_lifecycle-viewmodel-ktx",
         "androidx.lifecycle_lifecycle-livedata-ktx",
         "androidx-constraintlayout_constraintlayout",
         "com.google.android.material_material",
-        // storage
-        "seedvault-lib-storage", // did not manage to add this as transitive dependency
-        "seedvault-lib-tink-android",
-        "androidx.room_room-runtime",
-        "libprotobuf-java-lite",
+        "kotlinx-coroutines-android",
+        "kotlinx-coroutines-core",
+        "seedvault-lib-kotlin-logging-jvm",
+        // app backup related libs
+        "seedvault-lib-protobuf-kotlin-lite",
+        "seedvault-logback-android",
+        "seedvault-lib-chunker",
+        "seedvault-lib-zstd-jni",
+        "okio-lib",
+        // our own gradle module libs
+        "seedvault-lib-core",
+        "seedvault-lib-storage",
         // koin
-        "seedvault-lib-koin-core", // did not manage to add this as transitive dependency
+        "seedvault-lib-koin-core-jvm", // did not manage to add this as transitive dependency
         "seedvault-lib-koin-android",
-        "seedvault-lib-koin-androidx-viewmodel",
         // bip39
         "seedvault-lib-kotlin-bip39",
     ],
+    use_embedded_native_libs: true,
     manifest: "app/src/main/AndroidManifest.xml",
 
     platform_apis: true,
+    system_ext_specific: true,
     certificate: "platform",
     privileged: true,
     required: [
         "LocalContactsBackup",
-        "privapp_whitelist_com.stevesoltys.backup",
-        "com.stevesoltys.backup_whitelist"
+        "com.stevesoltys.backup_allowlist",
+        "com.stevesoltys.backup_default-permissions",
+        "com.stevesoltys.backup_privapp_allowlist"
     ],
     optimize: {
         enabled: false,
@@ -59,15 +72,25 @@ android_app {
 }
 
 prebuilt_etc {
-    name: "privapp_whitelist_com.stevesoltys.backup",
-    sub_dir: "permissions",
-    src: "permissions_com.stevesoltys.seedvault.xml",
+    name: "com.stevesoltys.backup_allowlist",
+    system_ext_specific: true,
+    sub_dir: "sysconfig",
+    src: "allowlist_com.stevesoltys.seedvault.xml",
     filename_from_src: true,
 }
 
 prebuilt_etc {
-    name: "com.stevesoltys.backup_whitelist",
-    sub_dir: "sysconfig",
-    src: "whitelist_com.stevesoltys.seedvault.xml",
+    name: "com.stevesoltys.backup_default-permissions",
+    system_ext_specific: true,
+    sub_dir: "default-permissions",
+    src: "default-permissions_com.stevesoltys.seedvault.xml",
+    filename_from_src: true,
+}
+
+prebuilt_etc {
+    name: "com.stevesoltys.backup_privapp_allowlist",
+    system_ext_specific: true,
+    sub_dir: "permissions",
+    src: "permissions_com.stevesoltys.seedvault.xml",
     filename_from_src: true,
 }

CHANGELOG.md

@@ -1,3 +1,76 @@
+## [15-5.0] - 2024-10-15
+* First Android 15 release
+* New backup format using compression and deduplication
+* Can still restore old backups, but old Seedvault can't restore backups from this version
+* Faster and more reliable backups making snapshots that can individually be restored
+* Auto-cleaning of old backups
+* All backups now mimic device-to-device (allowing backup for all apps)
+* All backups now use a high per-app app quota
+* App backup (for APKs) moved to expert settings
+* Show more information for backups available to restore
+* Fix "Waiting to back up..." showing for apps
+
+## [14-4.1] - 2024-08-23
+* It is now possible to restore after setting up a profile
+* It is now possible to select what to restore (e.g. apps, files...)
+* Automatic backup scheduling can now be modified by the user
+* Native support for WebDAV
+* Support for RoundSync (if enabled by the OS)
+* Now in Material 3
+* Name of profile is now shown when selecting a backup to restore
+* Already installed apps are not reinstalled anymore
+* Already stored files do not create duplicates anymore
+* Respect policy when the installation of apps is disallowed
+* Storage backup is now beta instead of experimental
+* D2D is now alpha instead of experimental
+* Various corrections to the UI
+
+## [14-4.0] - 2024-01-24
+* Add experimental support for forcing "D2D" transfer backups
+* Pretend to be a device-to-device transfer to allow backing up many apps which prevent backup
+* Stop backing up excluded app APKs
+* Show size of app backups in Backup Status screen
+* Slight improvements to color scheme
+* Development: Improve CI testing setup
+
+## [14-3.3] - 2023-10-06
+* Android 14
+
+## [13-3.3] - 2023-01-11
+* Mark Nextcloud as "Not recommended"
+* Warn before turning off backups
+* Avoid corrupting old backups when turning off backups
+* Pre-grant `ACCESS_MEDIA_LOCATION` permission for Storage backups
+
+## [13-3.2] - 2022-12-29
+* Add expert option to save logs
+* Add more details about branching to README
+* Improvements for debug builds
+* Documentation improvements
+* Better error handling in some cases
+* Some Android 13 upgrades
+
+## [13-3.1] - 2022-09-01
+* Initial release for Android 13
+* Don't attempt to restore app that is used as a backup location (e.g. Nextcloud),
+  because can cause restore to abort early 
+* Upgrade several libraries
+
+## [12-3.0] - 2021-10-13
+* Initial release for Android 12
+* Use the same (faster and more secure) crypto that storage backups use,
+  for app backup.
+* Avoid leaking installed app list through filenames by using salted names
+* Old backups can still be restored, but new backups will be made with this format
+* If you generated the recovery code / setup Seedvault before 11-1.2, you will be prompted
+  to generate a new code.
+* Improve backup behavior in general
+
+## [11-2.3] - 2021-10-02
+### Fixed
+* Fix translations for the new BIP39 library
+* Switch all translations references to github.com/seedvault-app
+
 ## [11-2.2] - 2021-09-29
 ### User-facing changes
 * Don't backup on metered networks

LICENSE

@@ -1,202 +0,0 @@
-
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [2019] [Steve Soltys]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.

LICENSES/AGPL-3.0-or-later.txt

@@ -0,0 +1,235 @@
+GNU AFFERO GENERAL PUBLIC LICENSE
+Version 3, 19 November 2007
+
+Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+
+Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
+
+                            Preamble
+
+The GNU Affero General Public License is a free, copyleft license for software and other kinds of works, specifically designed to ensure cooperation with the community in the case of network server software.
+
+The licenses for most software and other practical works are designed to take away your freedom to share and change the works.  By contrast, our General Public Licenses are intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users.
+
+When we speak of free software, we are referring to freedom, not price.  Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
+
+Developers that use our General Public Licenses protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License which gives you legal permission to copy, distribute and/or modify the software.
+
+A secondary benefit of defending all users' freedom is that improvements made in alternate versions of the program, if they receive widespread use, become available for other developers to incorporate.  Many developers of free software are heartened and encouraged by the resulting cooperation.  However, in the case of software used on network servers, this result may fail to come about. The GNU General Public License permits making a modified version and letting the public access it on a server without ever releasing its source code to the public.
+
+The GNU Affero General Public License is designed specifically to ensure that, in such cases, the modified source code becomes available to the community.  It requires the operator of a network server to provide the source code of the modified version running there to the users of that server.  Therefore, public use of a modified version, on a publicly accessible server, gives the public access to the source code of the modified version.
+
+An older license, called the Affero General Public License and published by Affero, was designed to accomplish similar goals.  This is a different license, not a version of the Affero GPL, but Affero has released a new version of the Affero GPL which permits relicensing under this license.
+
+The precise terms and conditions for copying, distribution and modification follow.
+
+                       TERMS AND CONDITIONS
+
+0. Definitions.
+
+"This License" refers to version 3 of the GNU Affero General Public License.
+
+"Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
+
+"The Program" refers to any copyrightable work licensed under this License.  Each licensee is addressed as "you".  "Licensees" and "recipients" may be individuals or organizations.
+
+To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy.  The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work.
+
+A "covered work" means either the unmodified Program or a work based on the Program.
+
+To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy.  Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
+
+To "convey" a work means any kind of propagation that enables other parties to make or receive copies.  Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
+
+An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License.  If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
+
+1. Source Code.
+The "source code" for a work means the preferred form of the work for making modifications to it.  "Object code" means any non-source form of a work.
+
+A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
+
+The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form.  A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
+
+The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities.  However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work.  For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
+
+The Corresponding Source for a work in source code form is that same work.
+
+2. Basic Permissions.
+All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met.  This License explicitly affirms your unlimited permission to run the unmodified Program.  The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work.  This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
+
+You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force.  You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright.  Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
+
+Conveying under any other circumstances is permitted solely under the conditions stated below.  Sublicensing is not allowed; section 10 makes it unnecessary.
+
+3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
+
+When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
+
+4. Conveying Verbatim Copies.
+You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
+
+You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
+
+5. Conveying Modified Source Versions.
+You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
+
+    a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
+
+    b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7.  This requirement modifies the requirement in section 4 to "keep intact all notices".
+
+    c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy.  This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged.  This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
+
+    d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
+
+A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit.  Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
+
+6. Conveying Non-Source Forms.
+You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
+
+    a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
+
+    b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
+
+    c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source.  This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
+
+    d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge.  You need not require recipients to copy the Corresponding Source along with the object code.  If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source.  Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
+
+    e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
+
+A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
+
+A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling.  In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage.  For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product.  A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
+
+"Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source.  The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
+
+If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information.  But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
+
+The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed.  Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
+
+Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
+
+7. Additional Terms.
+"Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law.  If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
+
+When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it.  (Additional permissions may be written to require their own removal in certain cases when you modify the work.)  You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
+
+Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
+
+    a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
+
+    b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
+
+    c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
+
+    d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
+
+    e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
+
+    f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
+
+All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10.  If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term.  If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
+
+If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
+
+Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
+
+8. Termination.
+
+You may not propagate or modify a covered work except as expressly provided under this License.  Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
+
+However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
+
+Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
+
+Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License.  If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
+
+9. Acceptance Not Required for Having Copies.
+
+You are not required to accept this License in order to receive or run a copy of the Program.  Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance.  However, nothing other than this License grants you permission to propagate or modify any covered work.  These actions infringe copyright if you do not accept this License.  Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
+
+10. Automatic Licensing of Downstream Recipients.
+
+Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License.  You are not responsible for enforcing compliance by third parties with this License.
+
+An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations.  If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
+
+You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License.  For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
+
+11. Patents.
+
+A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based.  The work thus licensed is called the contributor's "contributor version".
+
+A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version.  For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
+
+Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
+
+In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement).  To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
+
+If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent
+license to downstream recipients.  "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
+
+If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
+
+A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License.  You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
+
+Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
+
+12. No Surrender of Others' Freedom.
+
+If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License.  If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may
+not convey it at all.  For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
+
+13. Remote Network Interaction; Use with the GNU General Public License.
+
+Notwithstanding any other provision of this License, if you modify the Program, your modified version must prominently offer all users interacting with it remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source of your version by providing access to the Corresponding Source from a network server at no charge, through some standard or customary means of facilitating copying of software.  This Corresponding Source shall include the Corresponding Source for any work covered by version 3 of the GNU General Public License that is incorporated pursuant to the following paragraph.
+
+Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU General Public License into a single combined work, and to convey the resulting work.  The terms of this License will continue to apply to the part which is the covered work, but the work with which it is combined will remain governed by version 3 of the GNU General Public License.
+
+14. Revised Versions of this License.
+
+The Free Software Foundation may publish revised and/or new versions of the GNU Affero General Public License from time to time.  Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program specifies that a certain numbered version of the GNU Affero General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation.  If the Program does not specify a version number of the GNU Affero General Public License, you may choose any version ever published by the Free Software Foundation.
+
+If the Program specifies that a proxy can decide which future versions of the GNU Affero General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
+
+Later license versions may give you additional or different permissions.  However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
+
+15. Disclaimer of Warranty.
+
+THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+16. Limitation of Liability.
+
+IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+17. Interpretation of Sections 15 and 16.
+
+If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
+
+END OF TERMS AND CONDITIONS
+
+            How to Apply These Terms to Your New Programs
+
+If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
+
+To do so, attach the following notices to the program.  It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found.
+
+     <one line to give the program's name and a brief idea of what it does.>
+     Copyright (C) <year>  <name of author>
+
+     This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+
+     This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more details.
+
+     You should have received a copy of the GNU Affero General Public License along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If your software can interact with users remotely through a computer network, you should also make sure that it provides a way for users to get its source.  For example, if your program is a web application, its interface could display a "Source" link that leads users to an archive of the code.  There are many ways you could offer source, and different solutions will be better for different programs; see section 13 for the specific requirements.
+
+You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU AGPL, see <http://www.gnu.org/licenses/>.

LICENSES/Apache-2.0.txt

@@ -0,0 +1,73 @@
+Apache License
+Version 2.0, January 2004
+http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+"License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.
+
+"Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License.
+
+"Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
+
+"You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License.
+
+"Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files.
+
+"Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types.
+
+"Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below).
+
+"Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.
+
+"Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution."
+
+"Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions:
+
+     (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and
+
+     (b) You must cause any modified files to carry prominent notices stating that You changed the files; and
+
+     (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and
+
+     (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License.
+
+     You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!)  The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives.
+
+Copyright [yyyy] [name of copyright owner]
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

LICENSES/CC-BY-SA-3.0.txt

@@ -0,0 +1,99 @@
+Creative Commons Attribution-ShareAlike 3.0 Unported
+
+ CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE LEGAL SERVICES. DISTRIBUTION OF THIS LICENSE DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES REGARDING THE INFORMATION PROVIDED, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM ITS USE.
+
+License
+
+THE WORK (AS DEFINED BELOW) IS PROVIDED UNDER THE TERMS OF THIS CREATIVE COMMONS PUBLIC LICENSE ("CCPL" OR "LICENSE"). THE WORK IS PROTECTED BY COPYRIGHT AND/OR OTHER APPLICABLE LAW. ANY USE OF THE WORK OTHER THAN AS AUTHORIZED UNDER THIS LICENSE OR COPYRIGHT LAW IS PROHIBITED.
+
+BY EXERCISING ANY RIGHTS TO THE WORK PROVIDED HERE, YOU ACCEPT AND AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE. TO THE EXTENT THIS LICENSE MAY BE CONSIDERED TO BE A CONTRACT, THE LICENSOR GRANTS YOU THE RIGHTS CONTAINED HERE IN CONSIDERATION OF YOUR ACCEPTANCE OF SUCH TERMS AND CONDITIONS.
+
+1. Definitions
+
+     a. "Adaptation" means a work based upon the Work, or upon the Work and other pre-existing works, such as a translation, adaptation, derivative work, arrangement of music or other alterations of a literary or artistic work, or phonogram or performance and includes cinematographic adaptations or any other form in which the Work may be recast, transformed, or adapted including in any form recognizably derived from the original, except that a work that constitutes a Collection will not be considered an Adaptation for the purpose of this License. For the avoidance of doubt, where the Work is a musical work, performance or phonogram, the synchronization of the Work in timed-relation with a moving image ("synching") will be considered an Adaptation for the purpose of this License.
+
+     b. "Collection" means a collection of literary or artistic works, such as encyclopedias and anthologies, or performances, phonograms or broadcasts, or other works or subject matter other than works listed in Section 1(f) below, which, by reason of the selection and arrangement of their contents, constitute intellectual creations, in which the Work is included in its entirety in unmodified form along with one or more other contributions, each constituting separate and independent works in themselves, which together are assembled into a collective whole. A work that constitutes a Collection will not be considered an Adaptation (as defined below) for the purposes of this License.
+
+     c. "Creative Commons Compatible License" means a license that is listed at http://creativecommons.org/compatiblelicenses that has been approved by Creative Commons as being essentially equivalent to this License, including, at a minimum, because that license: (i) contains terms that have the same purpose, meaning and effect as the License Elements of this License; and, (ii) explicitly permits the relicensing of adaptations of works made available under that license under this License or a Creative Commons jurisdiction license with the same License Elements as this License.
+
+     d. "Distribute" means to make available to the public the original and copies of the Work or Adaptation, as appropriate, through sale or other transfer of ownership.
+
+     e. "License Elements" means the following high-level license attributes as selected by Licensor and indicated in the title of this License: Attribution, ShareAlike.
+
+     f. "Licensor" means the individual, individuals, entity or entities that offer(s) the Work under the terms of this License.
+
+     g. "Original Author" means, in the case of a literary or artistic work, the individual, individuals, entity or entities who created the Work or if no individual or entity can be identified, the publisher; and in addition (i) in the case of a performance the actors, singers, musicians, dancers, and other persons who act, sing, deliver, declaim, play in, interpret or otherwise perform literary or artistic works or expressions of folklore; (ii) in the case of a phonogram the producer being the person or legal entity who first fixes the sounds of a performance or other sounds; and, (iii) in the case of broadcasts, the organization that transmits the broadcast.
+
+     h. "Work" means the literary and/or artistic work offered under the terms of this License including without limitation any production in the literary, scientific and artistic domain, whatever may be the mode or form of its expression including digital form, such as a book, pamphlet and other writing; a lecture, address, sermon or other work of the same nature; a dramatic or dramatico-musical work; a choreographic work or entertainment in dumb show; a musical composition with or without words; a cinematographic work to which are assimilated works expressed by a process analogous to cinematography; a work of drawing, painting, architecture, sculpture, engraving or lithography; a photographic work to which are assimilated works expressed by a process analogous to photography; a work of applied art; an illustration, map, plan, sketch or three-dimensional work relative to geography, topography, architecture or science; a performance; a broadcast; a phonogram; a compilation of data to the extent it is protected as a copyrightable work; or a work performed by a variety or circus performer to the extent it is not otherwise considered a literary or artistic work.
+
+     i. "You" means an individual or entity exercising rights under this License who has not previously violated the terms of this License with respect to the Work, or who has received express permission from the Licensor to exercise rights under this License despite a previous violation.
+
+     j. "Publicly Perform" means to perform public recitations of the Work and to communicate to the public those public recitations, by any means or process, including by wire or wireless means or public digital performances; to make available to the public Works in such a way that members of the public may access these Works from a place and at a place individually chosen by them; to perform the Work to the public by any means or process and the communication to the public of the performances of the Work, including by public digital performance; to broadcast and rebroadcast the Work by any means including signs, sounds or images.
+
+     k. "Reproduce" means to make copies of the Work by any means including without limitation by sound or visual recordings and the right of fixation and reproducing fixations of the Work, including storage of a protected performance or phonogram in digital form or other electronic medium.
+
+2. Fair Dealing Rights. Nothing in this License is intended to reduce, limit, or restrict any uses free from copyright or rights arising from limitations or exceptions that are provided for in connection with the copyright protection under copyright law or other applicable laws.
+
+3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below:
+
+     a. to Reproduce the Work, to incorporate the Work into one or more Collections, and to Reproduce the Work as incorporated in the Collections;
+
+     b. to create and Reproduce Adaptations provided that any such Adaptation, including any translation in any medium, takes reasonable steps to clearly label, demarcate or otherwise identify that changes were made to the original Work. For example, a translation could be marked "The original work was translated from English to Spanish," or a modification could indicate "The original work has been modified.";
+
+     c. to Distribute and Publicly Perform the Work including as incorporated in Collections; and,
+
+     d. to Distribute and Publicly Perform Adaptations.
+
+     e. For the avoidance of doubt:
+
+          i. Non-waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme cannot be waived, the Licensor reserves the exclusive right to collect such royalties for any exercise by You of the rights granted under this License;
+
+          ii. Waivable Compulsory License Schemes. In those jurisdictions in which the right to collect royalties through any statutory or compulsory licensing scheme can be waived, the Licensor waives the exclusive right to collect such royalties for any exercise by You of the rights granted under this License; and,
+
+          iii. Voluntary License Schemes. The Licensor waives the right to collect royalties, whether individually or, in the event that the Licensor is a member of a collecting society that administers voluntary licensing schemes, via that society, from any exercise by You of the rights granted under this License.
+
+The above rights may be exercised in all media and formats whether now known or hereafter devised. The above rights include the right to make such modifications as are technically necessary to exercise the rights in other media and formats. Subject to Section 8(f), all rights not expressly granted by Licensor are hereby reserved.
+
+4. Restrictions. The license granted in Section 3 above is expressly made subject to and limited by the following restrictions:
+
+     a. You may Distribute or Publicly Perform the Work only under the terms of this License. You must include a copy of, or the Uniform Resource Identifier (URI) for, this License with every copy of the Work You Distribute or Publicly Perform. You may not offer or impose any terms on the Work that restrict the terms of this License or the ability of the recipient of the Work to exercise the rights granted to that recipient under the terms of the License. You may not sublicense the Work. You must keep intact all notices that refer to this License and to the disclaimer of warranties with every copy of the Work You Distribute or Publicly Perform. When You Distribute or Publicly Perform the Work, You may not impose any effective technological measures on the Work that restrict the ability of a recipient of the Work from You to exercise the rights granted to that recipient under the terms of the License. This Section 4(a) applies to the Work as incorporated in a Collection, but this does not require the Collection apart from the Work itself to be made subject to the terms of this License. If You create a Collection, upon notice from any Licensor You must, to the extent practicable, remove from the Collection any credit as required by Section 4(c), as requested. If You create an Adaptation, upon notice from any Licensor You must, to the extent practicable, remove from the Adaptation any credit as required by Section 4(c), as requested.
+
+     b. You may Distribute or Publicly Perform an Adaptation only under the terms of: (i) this License; (ii) a later version of this License with the same License Elements as this License; (iii) a Creative Commons jurisdiction license (either this or a later license version) that contains the same License Elements as this License (e.g., Attribution-ShareAlike 3.0 US)); (iv) a Creative Commons Compatible License. If you license the Adaptation under one of the licenses mentioned in (iv), you must comply with the terms of that license. If you license the Adaptation under the terms of any of the licenses mentioned in (i), (ii) or (iii) (the "Applicable License"), you must comply with the terms of the Applicable License generally and the following provisions: (I) You must include a copy of, or the URI for, the Applicable License with every copy of each Adaptation You Distribute or Publicly Perform; (II) You may not offer or impose any terms on the Adaptation that restrict the terms of the Applicable License or the ability of the recipient of the Adaptation to exercise the rights granted to that recipient under the terms of the Applicable License; (III) You must keep intact all notices that refer to the Applicable License and to the disclaimer of warranties with every copy of the Work as included in the Adaptation You Distribute or Publicly Perform; (IV) when You Distribute or Publicly Perform the Adaptation, You may not impose any effective technological measures on the Adaptation that restrict the ability of a recipient of the Adaptation from You to exercise the rights granted to that recipient under the terms of the Applicable License. This Section 4(b) applies to the Adaptation as incorporated in a Collection, but this does not require the Collection apart from the Adaptation itself to be made subject to the terms of the Applicable License.
+
+     c. If You Distribute, or Publicly Perform the Work or any Adaptations or Collections, You must, unless a request has been made pursuant to Section 4(a), keep intact all copyright notices for the Work and provide, reasonable to the medium or means You are utilizing: (i) the name of the Original Author (or pseudonym, if applicable) if supplied, and/or if the Original Author and/or Licensor designate another party or parties (e.g., a sponsor institute, publishing entity, journal) for attribution ("Attribution Parties") in Licensor's copyright notice, terms of service or by other reasonable means, the name of such party or parties; (ii) the title of the Work if supplied; (iii) to the extent reasonably practicable, the URI, if any, that Licensor specifies to be associated with the Work, unless such URI does not refer to the copyright notice or licensing information for the Work; and (iv) , consistent with Ssection 3(b), in the case of an Adaptation, a credit identifying the use of the Work in the Adaptation (e.g., "French translation of the Work by Original Author," or "Screenplay based on original Work by Original Author"). The credit required by this Section 4(c) may be implemented in any reasonable manner; provided, however, that in the case of a Adaptation or Collection, at a minimum such credit will appear, if a credit for all contributing authors of the Adaptation or Collection appears, then as part of these credits and in a manner at least as prominent as the credits for the other contributing authors. For the avoidance of doubt, You may only use the credit required by this Section for the purpose of attribution in the manner set out above and, by exercising Your rights under this License, You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties.
+
+     d. Except as otherwise agreed in writing by the Licensor or as may be otherwise permitted by applicable law, if You Reproduce, Distribute or Publicly Perform the Work either by itself or as part of any Adaptations or Collections, You must not distort, mutilate, modify or take other derogatory action in relation to the Work which would be prejudicial to the Original Author's honor or reputation. Licensor agrees that in those jurisdictions (e.g. Japan), in which any exercise of the right granted in Section 3(b) of this License (the right to make Adaptations) would be deemed to be a distortion, mutilation, modification or other derogatory action prejudicial to the Original Author's honor and reputation, the Licensor will waive or not assert, as appropriate, this Section, to the fullest extent permitted by the applicable national law, to enable You to reasonably exercise Your right under Section 3(b) of this License (right to make Adaptations) but not otherwise.
+
+5. Representations, Warranties and Disclaimer
+
+UNLESS OTHERWISE MUTUALLY AGREED TO BY THE PARTIES IN WRITING, LICENSOR OFFERS THE WORK AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE WORK, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THE ABSENCE OF LATENT OR OTHER DEFECTS, ACCURACY, OR THE PRESENCE OF ABSENCE OF ERRORS, WHETHER OR NOT DISCOVERABLE. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO SUCH EXCLUSION MAY NOT APPLY TO YOU.
+
+6. Limitation on Liability. EXCEPT TO THE EXTENT REQUIRED BY APPLICABLE LAW, IN NO EVENT WILL LICENSOR BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY SPECIAL, INCIDENTAL, CONSEQUENTIAL, PUNITIVE OR EXEMPLARY DAMAGES ARISING OUT OF THIS LICENSE OR THE USE OF THE WORK, EVEN IF LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. Termination
+
+     a. This License and the rights granted hereunder will terminate automatically upon any breach by You of the terms of this License. Individuals or entities who have received Adaptations or Collections from You under this License, however, will not have their licenses terminated provided such individuals or entities remain in full compliance with those licenses. Sections 1, 2, 5, 6, 7, and 8 will survive any termination of this License.
+
+     b. Subject to the above terms and conditions, the license granted here is perpetual (for the duration of the applicable copyright in the Work). Notwithstanding the above, Licensor reserves the right to release the Work under different license terms or to stop distributing the Work at any time; provided, however that any such election will not serve to withdraw this License (or any other license that has been, or is required to be, granted under the terms of this License), and this License will continue in full force and effect unless terminated as stated above.
+
+8. Miscellaneous
+
+     a. Each time You Distribute or Publicly Perform the Work or a Collection, the Licensor offers to the recipient a license to the Work on the same terms and conditions as the license granted to You under this License.
+
+     b. Each time You Distribute or Publicly Perform an Adaptation, Licensor offers to the recipient a license to the original Work on the same terms and conditions as the license granted to You under this License.
+
+     c. If any provision of this License is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this License, and without further action by the parties to this agreement, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+     d. No term or provision of this License shall be deemed waived and no breach consented to unless such waiver or consent shall be in writing and signed by the party to be charged with such waiver or consent.
+
+     e. This License constitutes the entire agreement between the parties with respect to the Work licensed here. There are no understandings, agreements or representations with respect to the Work not specified here. Licensor shall not be bound by any additional provisions that may appear in any communication from You. This License may not be modified without the mutual written agreement of the Licensor and You.
+
+     f. The rights granted under, and the subject matter referenced, in this License were drafted utilizing the terminology of the Berne Convention for the Protection of Literary and Artistic Works (as amended on September 28, 1979), the Rome Convention of 1961, the WIPO Copyright Treaty of 1996, the WIPO Performances and Phonograms Treaty of 1996 and the Universal Copyright Convention (as revised on July 24, 1971). These rights and subject matter take effect in the relevant jurisdiction in which the License terms are sought to be enforced according to the corresponding provisions of the implementation of those treaty provisions in the applicable national law. If the standard suite of rights granted under applicable copyright law includes additional rights not granted under this License, such additional rights are deemed to be included in the License; this License is not intended to restrict the license of any rights under applicable law.
+
+Creative Commons Notice
+
+Creative Commons is not a party to this License, and makes no warranty whatsoever in connection with the Work. Creative Commons will not be liable to You or any party on any legal theory for any damages whatsoever, including without limitation any general, special, incidental or consequential damages arising in connection to this license. Notwithstanding the foregoing two (2) sentences, if Creative Commons has expressly identified itself as the Licensor hereunder, it shall have all rights and obligations of Licensor.
+
+Except for the limited purpose of indicating to the public that the Work is licensed under the CCPL, Creative Commons does not authorize the use by either party of the trademark "Creative Commons" or any related trademark or logo of Creative Commons without the prior written consent of Creative Commons. Any permitted use will be in compliance with Creative Commons' then-current trademark usage guidelines, as may be published on its website or otherwise made available upon request from time to time. For the avoidance of doubt, this trademark restriction does not form part of the License.
+
+Creative Commons may be contacted at http://creativecommons.org/.

LICENSES/GPL-3.0-only.txt

@@ -0,0 +1,232 @@
+GNU GENERAL PUBLIC LICENSE
+Version 3, 29 June 2007
+
+Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>
+
+Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
+
+Preamble
+
+The GNU General Public License is a free, copyleft license for software and other kinds of works.
+
+The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.
+
+When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
+
+To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.
+
+For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.
+
+Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.
+
+For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.
+
+Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.
+
+Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.
+
+The precise terms and conditions for copying, distribution and modification follow.
+
+TERMS AND CONDITIONS
+
+0. Definitions.
+
+“This License” refers to version 3 of the GNU General Public License.
+
+“Copyright” also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
+
+“The Program” refers to any copyrightable work licensed under this License. Each licensee is addressed as “you”. “Licensees” and “recipients” may be individuals or organizations.
+
+To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
+
+A “covered work” means either the unmodified Program or a work based on the Program.
+
+To “propagate” a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
+
+To “convey” a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
+
+An interactive user interface displays “Appropriate Legal Notices” to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
+
+1. Source Code.
+The “source code” for a work means the preferred form of the work for making modifications to it. “Object code” means any non-source form of a work.
+
+A “Standard Interface” means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
+
+The “System Libraries” of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A “Major Component”, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
+
+The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
+
+The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
+
+The Corresponding Source for a work in source code form is that same work.
+
+2. Basic Permissions.
+All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
+
+You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
+
+Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
+
+3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
+
+When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
+
+4. Conveying Verbatim Copies.
+You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
+
+You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
+
+5. Conveying Modified Source Versions.
+You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
+
+     a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
+
+     b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to “keep intact all notices”.
+
+     c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
+
+     d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
+
+A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an “aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
+
+6. Conveying Non-Source Forms.
+You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
+
+     a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
+
+     b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
+
+     c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
+
+     d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
+
+     e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
+
+A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
+
+A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
+
+“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
+
+If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
+
+The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
+
+Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
+
+7. Additional Terms.
+“Additional permissions” are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
+
+When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
+
+Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
+
+     a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
+
+     b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
+
+     c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
+
+     d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
+
+     e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
+
+     f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
+
+All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
+
+If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
+
+Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
+
+8. Termination.
+You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
+
+However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
+
+Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
+
+Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
+
+9. Acceptance Not Required for Having Copies.
+You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
+
+10. Automatic Licensing of Downstream Recipients.
+Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
+
+An “entity transaction” is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
+
+You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
+
+11. Patents.
+A “contributor” is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's “contributor version”.
+
+A contributor's “essential patent claims” are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, “control” includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
+
+Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
+
+In the following three paragraphs, a “patent license” is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To “grant” such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
+
+If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. “Knowingly relying” means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
+
+If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
+
+A patent license is “discriminatory” if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
+
+Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
+
+12. No Surrender of Others' Freedom.
+If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
+
+13. Use with the GNU Affero General Public License.
+Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.
+
+14. Revised Versions of this License.
+The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License “or any later version” applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.
+
+If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
+
+Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
+
+15. Disclaimer of Warranty.
+THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+16. Limitation of Liability.
+IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+17. Interpretation of Sections 15 and 16.
+If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
+
+END OF TERMS AND CONDITIONS
+
+How to Apply These Terms to Your New Programs
+
+If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
+
+To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the “copyright” line and a pointer to where the full notice is found.
+
+     <one line to give the program's name and a brief idea of what it does.>
+     Copyright (C) <year>  <name of author>
+
+     This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+
+     This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+
+     You should have received a copy of the GNU General Public License along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:
+
+     <program>  Copyright (C) <year>  <name of author>
+     This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+     This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an “about box”.
+
+You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see <http://www.gnu.org/licenses/>.
+
+The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read <http://www.gnu.org/philosophy/why-not-lgpl.html>.

LICENSES/MIT.txt

@@ -0,0 +1,9 @@
+MIT License
+
+Copyright (c) <year> <copyright holders>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

LICENSES/MPL-2.0.txt

@@ -0,0 +1,373 @@
+Mozilla Public License Version 2.0
+==================================
+
+1. Definitions
+--------------
+
+1.1. "Contributor"
+    means each individual or legal entity that creates, contributes to
+    the creation of, or owns Covered Software.
+
+1.2. "Contributor Version"
+    means the combination of the Contributions of others (if any) used
+    by a Contributor and that particular Contributor's Contribution.
+
+1.3. "Contribution"
+    means Covered Software of a particular Contributor.
+
+1.4. "Covered Software"
+    means Source Code Form to which the initial Contributor has attached
+    the notice in Exhibit A, the Executable Form of such Source Code
+    Form, and Modifications of such Source Code Form, in each case
+    including portions thereof.
+
+1.5. "Incompatible With Secondary Licenses"
+    means
+
+    (a) that the initial Contributor has attached the notice described
+        in Exhibit B to the Covered Software; or
+
+    (b) that the Covered Software was made available under the terms of
+        version 1.1 or earlier of the License, but not also under the
+        terms of a Secondary License.
+
+1.6. "Executable Form"
+    means any form of the work other than Source Code Form.
+
+1.7. "Larger Work"
+    means a work that combines Covered Software with other material, in 
+    a separate file or files, that is not Covered Software.
+
+1.8. "License"
+    means this document.
+
+1.9. "Licensable"
+    means having the right to grant, to the maximum extent possible,
+    whether at the time of the initial grant or subsequently, any and
+    all of the rights conveyed by this License.
+
+1.10. "Modifications"
+    means any of the following:
+
+    (a) any file in Source Code Form that results from an addition to,
+        deletion from, or modification of the contents of Covered
+        Software; or
+
+    (b) any new file in Source Code Form that contains any Covered
+        Software.
+
+1.11. "Patent Claims" of a Contributor
+    means any patent claim(s), including without limitation, method,
+    process, and apparatus claims, in any patent Licensable by such
+    Contributor that would be infringed, but for the grant of the
+    License, by the making, using, selling, offering for sale, having
+    made, import, or transfer of either its Contributions or its
+    Contributor Version.
+
+1.12. "Secondary License"
+    means either the GNU General Public License, Version 2.0, the GNU
+    Lesser General Public License, Version 2.1, the GNU Affero General
+    Public License, Version 3.0, or any later versions of those
+    licenses.
+
+1.13. "Source Code Form"
+    means the form of the work preferred for making modifications.
+
+1.14. "You" (or "Your")
+    means an individual or a legal entity exercising rights under this
+    License. For legal entities, "You" includes any entity that
+    controls, is controlled by, or is under common control with You. For
+    purposes of this definition, "control" means (a) the power, direct
+    or indirect, to cause the direction or management of such entity,
+    whether by contract or otherwise, or (b) ownership of more than
+    fifty percent (50%) of the outstanding shares or beneficial
+    ownership of such entity.
+
+2. License Grants and Conditions
+--------------------------------
+
+2.1. Grants
+
+Each Contributor hereby grants You a world-wide, royalty-free,
+non-exclusive license:
+
+(a) under intellectual property rights (other than patent or trademark)
+    Licensable by such Contributor to use, reproduce, make available,
+    modify, display, perform, distribute, and otherwise exploit its
+    Contributions, either on an unmodified basis, with Modifications, or
+    as part of a Larger Work; and
+
+(b) under Patent Claims of such Contributor to make, use, sell, offer
+    for sale, have made, import, and otherwise transfer either its
+    Contributions or its Contributor Version.
+
+2.2. Effective Date
+
+The licenses granted in Section 2.1 with respect to any Contribution
+become effective for each Contribution on the date the Contributor first
+distributes such Contribution.
+
+2.3. Limitations on Grant Scope
+
+The licenses granted in this Section 2 are the only rights granted under
+this License. No additional rights or licenses will be implied from the
+distribution or licensing of Covered Software under this License.
+Notwithstanding Section 2.1(b) above, no patent license is granted by a
+Contributor:
+
+(a) for any code that a Contributor has removed from Covered Software;
+    or
+
+(b) for infringements caused by: (i) Your and any other third party's
+    modifications of Covered Software, or (ii) the combination of its
+    Contributions with other software (except as part of its Contributor
+    Version); or
+
+(c) under Patent Claims infringed by Covered Software in the absence of
+    its Contributions.
+
+This License does not grant any rights in the trademarks, service marks,
+or logos of any Contributor (except as may be necessary to comply with
+the notice requirements in Section 3.4).
+
+2.4. Subsequent Licenses
+
+No Contributor makes additional grants as a result of Your choice to
+distribute the Covered Software under a subsequent version of this
+License (see Section 10.2) or under the terms of a Secondary License (if
+permitted under the terms of Section 3.3).
+
+2.5. Representation
+
+Each Contributor represents that the Contributor believes its
+Contributions are its original creation(s) or it has sufficient rights
+to grant the rights to its Contributions conveyed by this License.
+
+2.6. Fair Use
+
+This License is not intended to limit any rights You have under
+applicable copyright doctrines of fair use, fair dealing, or other
+equivalents.
+
+2.7. Conditions
+
+Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted
+in Section 2.1.
+
+3. Responsibilities
+-------------------
+
+3.1. Distribution of Source Form
+
+All distribution of Covered Software in Source Code Form, including any
+Modifications that You create or to which You contribute, must be under
+the terms of this License. You must inform recipients that the Source
+Code Form of the Covered Software is governed by the terms of this
+License, and how they can obtain a copy of this License. You may not
+attempt to alter or restrict the recipients' rights in the Source Code
+Form.
+
+3.2. Distribution of Executable Form
+
+If You distribute Covered Software in Executable Form then:
+
+(a) such Covered Software must also be made available in Source Code
+    Form, as described in Section 3.1, and You must inform recipients of
+    the Executable Form how they can obtain a copy of such Source Code
+    Form by reasonable means in a timely manner, at a charge no more
+    than the cost of distribution to the recipient; and
+
+(b) You may distribute such Executable Form under the terms of this
+    License, or sublicense it under different terms, provided that the
+    license for the Executable Form does not attempt to limit or alter
+    the recipients' rights in the Source Code Form under this License.
+
+3.3. Distribution of a Larger Work
+
+You may create and distribute a Larger Work under terms of Your choice,
+provided that You also comply with the requirements of this License for
+the Covered Software. If the Larger Work is a combination of Covered
+Software with a work governed by one or more Secondary Licenses, and the
+Covered Software is not Incompatible With Secondary Licenses, this
+License permits You to additionally distribute such Covered Software
+under the terms of such Secondary License(s), so that the recipient of
+the Larger Work may, at their option, further distribute the Covered
+Software under the terms of either this License or such Secondary
+License(s).
+
+3.4. Notices
+
+You may not remove or alter the substance of any license notices
+(including copyright notices, patent notices, disclaimers of warranty,
+or limitations of liability) contained within the Source Code Form of
+the Covered Software, except that You may alter any license notices to
+the extent required to remedy known factual inaccuracies.
+
+3.5. Application of Additional Terms
+
+You may choose to offer, and to charge a fee for, warranty, support,
+indemnity or liability obligations to one or more recipients of Covered
+Software. However, You may do so only on Your own behalf, and not on
+behalf of any Contributor. You must make it absolutely clear that any
+such warranty, support, indemnity, or liability obligation is offered by
+You alone, and You hereby agree to indemnify every Contributor for any
+liability incurred by such Contributor as a result of warranty, support,
+indemnity or liability terms You offer. You may include additional
+disclaimers of warranty and limitations of liability specific to any
+jurisdiction.
+
+4. Inability to Comply Due to Statute or Regulation
+---------------------------------------------------
+
+If it is impossible for You to comply with any of the terms of this
+License with respect to some or all of the Covered Software due to
+statute, judicial order, or regulation then You must: (a) comply with
+the terms of this License to the maximum extent possible; and (b)
+describe the limitations and the code they affect. Such description must
+be placed in a text file included with all distributions of the Covered
+Software under this License. Except to the extent prohibited by statute
+or regulation, such description must be sufficiently detailed for a
+recipient of ordinary skill to be able to understand it.
+
+5. Termination
+--------------
+
+5.1. The rights granted under this License will terminate automatically
+if You fail to comply with any of its terms. However, if You become
+compliant, then the rights granted under this License from a particular
+Contributor are reinstated (a) provisionally, unless and until such
+Contributor explicitly and finally terminates Your grants, and (b) on an
+ongoing basis, if such Contributor fails to notify You of the
+non-compliance by some reasonable means prior to 60 days after You have
+come back into compliance. Moreover, Your grants from a particular
+Contributor are reinstated on an ongoing basis if such Contributor
+notifies You of the non-compliance by some reasonable means, this is the
+first time You have received notice of non-compliance with this License
+from such Contributor, and You become compliant prior to 30 days after
+Your receipt of the notice.
+
+5.2. If You initiate litigation against any entity by asserting a patent
+infringement claim (excluding declaratory judgment actions,
+counter-claims, and cross-claims) alleging that a Contributor Version
+directly or indirectly infringes any patent, then the rights granted to
+You by any and all Contributors for the Covered Software under Section
+2.1 of this License shall terminate.
+
+5.3. In the event of termination under Sections 5.1 or 5.2 above, all
+end user license agreements (excluding distributors and resellers) which
+have been validly granted by You or Your distributors under this License
+prior to termination shall survive termination.
+
+************************************************************************
+*                                                                      *
+*  6. Disclaimer of Warranty                                           *
+*  -------------------------                                           *
+*                                                                      *
+*  Covered Software is provided under this License on an "as is"       *
+*  basis, without warranty of any kind, either expressed, implied, or  *
+*  statutory, including, without limitation, warranties that the       *
+*  Covered Software is free of defects, merchantable, fit for a        *
+*  particular purpose or non-infringing. The entire risk as to the     *
+*  quality and performance of the Covered Software is with You.        *
+*  Should any Covered Software prove defective in any respect, You     *
+*  (not any Contributor) assume the cost of any necessary servicing,   *
+*  repair, or correction. This disclaimer of warranty constitutes an   *
+*  essential part of this License. No use of any Covered Software is   *
+*  authorized under this License except under this disclaimer.         *
+*                                                                      *
+************************************************************************
+
+************************************************************************
+*                                                                      *
+*  7. Limitation of Liability                                          *
+*  --------------------------                                          *
+*                                                                      *
+*  Under no circumstances and under no legal theory, whether tort      *
+*  (including negligence), contract, or otherwise, shall any           *
+*  Contributor, or anyone who distributes Covered Software as          *
+*  permitted above, be liable to You for any direct, indirect,         *
+*  special, incidental, or consequential damages of any character      *
+*  including, without limitation, damages for lost profits, loss of    *
+*  goodwill, work stoppage, computer failure or malfunction, or any    *
+*  and all other commercial damages or losses, even if such party      *
+*  shall have been informed of the possibility of such damages. This   *
+*  limitation of liability shall not apply to liability for death or   *
+*  personal injury resulting from such party's negligence to the       *
+*  extent applicable law prohibits such limitation. Some               *
+*  jurisdictions do not allow the exclusion or limitation of           *
+*  incidental or consequential damages, so this exclusion and          *
+*  limitation may not apply to You.                                    *
+*                                                                      *
+************************************************************************
+
+8. Litigation
+-------------
+
+Any litigation relating to this License may be brought only in the
+courts of a jurisdiction where the defendant maintains its principal
+place of business and such litigation shall be governed by laws of that
+jurisdiction, without reference to its conflict-of-law provisions.
+Nothing in this Section shall prevent a party's ability to bring
+cross-claims or counter-claims.
+
+9. Miscellaneous
+----------------
+
+This License represents the complete agreement concerning the subject
+matter hereof. If any provision of this License is held to be
+unenforceable, such provision shall be reformed only to the extent
+necessary to make it enforceable. Any law or regulation which provides
+that the language of a contract shall be construed against the drafter
+shall not be used to construe this License against a Contributor.
+
+10. Versions of the License
+---------------------------
+
+10.1. New Versions
+
+Mozilla Foundation is the license steward. Except as provided in Section
+10.3, no one other than the license steward has the right to modify or
+publish new versions of this License. Each version will be given a
+distinguishing version number.
+
+10.2. Effect of New Versions
+
+You may distribute the Covered Software under the terms of the version
+of the License under which You originally received the Covered Software,
+or under the terms of any subsequent version published by the license
+steward.
+
+10.3. Modified Versions
+
+If you create software not governed by this License, and you want to
+create a new license for such software, you may create and use a
+modified version of this License if you rename the license and remove
+any references to the name of the license steward (except to note that
+such modified license differs from this License).
+
+10.4. Distributing Source Code Form that is Incompatible With Secondary
+Licenses
+
+If You choose to distribute Source Code Form that is Incompatible With
+Secondary Licenses under the terms of this version of the License, the
+notice described in Exhibit B of this License must be attached.
+
+Exhibit A - Source Code Form License Notice
+-------------------------------------------
+
+  This Source Code Form is subject to the terms of the Mozilla Public
+  License, v. 2.0. If a copy of the MPL was not distributed with this
+  file, You can obtain one at https://mozilla.org/MPL/2.0/.
+
+If it is not possible or desirable to put the notice in a particular
+file, then You may include the notice in a location (such as a LICENSE
+file in a relevant directory) where a recipient would be likely to look
+for such a notice.
+
+You may add additional accurate notices of copyright ownership.
+
+Exhibit B - "Incompatible With Secondary Licenses" Notice
+---------------------------------------------------------
+
+  This Source Code Form is "Incompatible With Secondary Licenses", as
+  defined by the Mozilla Public License, v. 2.0.

README.md

@@ -1,15 +1,21 @@
 # Seedvault
-[![Build](https://github.com/seedvault-app/seedvault/workflows/Build/badge.svg?branch=master)](https://github.com/seedvault-app/seedvault/actions?query=branch%3Amaster+workflow%3ABuild)
+[![Build](https://github.com/seedvault-app/seedvault/actions/workflows/build.yml/badge.svg)](https://github.com/seedvault-app/seedvault/actions/workflows/build.yml)
 
 A backup application for the [Android Open Source Project](https://source.android.com/).
+Needs to be [integrated](https://github.com/seedvault-app/seedvault/wiki/ROM-Integration)
+in your Android ROM and **can not** be installed as a regular app.
 
-If you are having an issue/question, please look at our [FAQ](../../wiki/FAQ).
+If you are having an issue/question,
+please look at our [FAQ](https://github.com/seedvault-app/seedvault/wiki/FAQ)
+or [ask a new question](https://github.com/seedvault-app/seedvault/discussions).
 
 ## Components
 
 * [Local Contacts Backup](contactsbackup) - an app that backs up local on-device contacts
-* [Storage library](storage) - a library handling efficient backup of files
+* [File backup library](storage) - a library handling efficient backup of files
+  ([documentation](storage/doc/design.md))
 * [Seedvault app](app) - the main app where all functionality comes together
+  ([documentation](doc/README.md))
 
 ## Features
 - Backup application data to a flash drive.
@@ -19,15 +25,27 @@ If you are having an issue/question, please look at our [FAQ](../../wiki/FAQ).
 
 ## Requirements
 
-- Android 11
+SeedVault is developed along with AOSP releases.
 
-For older versions of Android, check out [the branches](https://github.com/seedvault-app/seedvault/branches).
+We update it every time Google releases a new Android version, 
+make any changes required for basic functionality,
+and any improvements possible through API changes in the OS.
 
-## Getting Started
-- Check out [the wiki](https://github.com/seedvault-app/seedvault/wiki) for information on building the application with 
-AOSP.
+This means that for ROMs using SeedVault it's recommended
+to use the same branch as your android version
+
+- This current branch `android15` is meant for usage with Android 15
+- This is indicated by the version name starting with `15`,
+  and the version code starting with `35` - the Android 15 API version
+
+For older versions of Android,
+check out [the branches](https://github.com/seedvault-app/seedvault/branches).
+
+Trying to use an older branch on a newer version may lead to issues
+and is not something we can support.
 
 ## What makes this different?
+
 This application is compiled with the operating system and does not require a rooted device for use.
 It uses the same internal APIs as `adb backup` which is deprecated and thus needs a replacement.
 
@@ -37,17 +55,25 @@ It uses the same internal APIs as `adb backup` which is deprecated and thus need
 * `android.permission.MANAGE_USB` to access the serial number of USB mass storage devices.
 * `android.permission.WRITE_SECURE_SETTINGS` to change system backup settings and enable call log backup.
 * `android.permission.QUERY_ALL_PACKAGES` to get information about all installed apps for backup.
+* `android.permission.QUERY_USERS` to get the name of the user profile that gets backed up.
 * `android.permission.INSTALL_PACKAGES` to re-install apps when restoring from backup.
 * `android.permission.MANAGE_EXTERNAL_STORAGE` to backup and restore files from device storage.
 * `android.permission.ACCESS_MEDIA_LOCATION` to backup original media files e.g. without stripped EXIF metadata.
 * `android.permission.FOREGROUND_SERVICE` to do periodic storage backups without interruption.
+* `android.permission.FOREGROUND_SERVICE_DATA_SYNC` to do periodic storage backups without interruption.
 * `android.permission.MANAGE_DOCUMENTS` to retrieve the available storage roots (optional) for better UX.
 * `android.permission.USE_BIOMETRIC` to authenticate saving a new recovery code
+* `android.permission.INTERACT_ACROSS_USERS_FULL` to use storage roots in other users (optional).
+* `android.permission.POST_NOTIFICATIONS` to inform users about backup status and errors.
 
 ## Contributing
 Bug reports and pull requests are welcome on GitHub at https://github.com/seedvault-app/seedvault.
 
-This project aims to adhere to the [official Kotlin coding style](https://developer.android.com/kotlin/style-guide).
+See [DEVELOPMENT.md](app/development/DEVELOPMENT.md) for information
+on developing Seedvault locally.
+
+This project aims to adhere to the
+[official Kotlin coding style](https://developer.android.com/kotlin/style-guide).
 
 ## Third-party tools
 
@@ -55,8 +81,37 @@ This project aims to adhere to the [official Kotlin coding style](https://develo
 > Please be aware that disclosing your secret recovery key to other software has security risks.
 
 The [Seedvault backup parser](https://github.com/tlambertz/seedvault_backup_parser)
-allows you to decrypt and inspect your backups.
+allows you to decrypt and inspect your backups (version 0 backup).
 It can also re-encrypt them.
 
+The [Seedvault extractor](https://github.com/jackwilsdon/seedvault-extractor)
+allows you to decrypt and inspect your backups from newer versions of Seedvault (version 1 backup).
+It is currently work-in-progress.
+
 ## License
-This application is available as open source under the terms of the [Apache-2.0 License](https://opensource.org/licenses/Apache-2.0).
+This application is available as open source under the terms
+of the [Apache-2.0 License](https://opensource.org/licenses/Apache-2.0).
+
+## Funding
+
+### Calyx Institute
+
+This project is primarily developed and maintained by the [Calyx Institute](https://calyxinstitute.org/)
+for usage in [CalyxOS](https://calyxos.org/).
+
+### NGI0 PET Fund
+
+This project was funded through the [NGI0 PET Fund](https://nlnet.nl/project/Seedvault/),
+a fund established by [NLnet](https://nlnet.nl)
+with financial support from the European Commission's Next Generation Internet programme,
+under the aegis of DG Communications Networks, Content and Technology
+under grant agreement No 825310.
+
+### NGI0 Entrust Fund
+
+This project was funded through the
+[NGI0 Entrust Fund](https://nlnet.nl/project/SeedVault-Integrity/),
+a fund established by [NLnet](https://nlnet.nl)
+with financial support from the European Commission's Next Generation Internet programme,
+under the aegis of DG Communications Networks, Content and Technology
+under grant agreement No 101069594.

allowlist_com.stevesoltys.seedvault.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+  SPDX-FileCopyrightText: 2017 Steve Soltys
+  SPDX-FileCopyrightText: 2020 The Calyx Institute
+  SPDX-License-Identifier: Apache-2.0
+  -->
+<config>
+    <backup-transport-whitelisted-service
+        service="com.stevesoltys.seedvault/.transport.ConfigurableBackupTransportService" />
+    <hidden-api-whitelisted-app package="com.stevesoltys.seedvault" />
+    <!-- needed for storage backups launching foreground service from background -->
+    <allow-in-power-save package="com.stevesoltys.seedvault" />
+</config>

app/build.gradle

@@ -1,194 +0,0 @@
-import groovy.xml.XmlUtil
-
-plugins {
-    id "com.android.application"
-    id "kotlin-android"
-    id "org.jlleitschuh.gradle.ktlint" version "9.4.0"
-}
-
-def gitDescribe = { ->
-    def stdout = new ByteArrayOutputStream()
-    exec {
-        commandLine 'git', 'describe', '--always', '--tags', '--dirty=-dirty'
-        standardOutput = stdout
-    }
-    return stdout.toString().trim()
-}
-
-android {
-    compileSdkVersion rootProject.ext.compileSdkVersion
-    buildToolsVersion rootProject.ext.buildToolsVersion
-
-    defaultConfig {
-        minSdkVersion 29 // leave at 29 for robolectric tests
-        targetSdkVersion rootProject.ext.targetSdkVersion
-        versionNameSuffix "-$gitDescribe"
-        testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
-        testInstrumentationRunnerArguments disableAnalytics: 'true'
-    }
-
-    buildTypes {
-        release {
-            minifyEnabled false
-        }
-    }
-
-    lintOptions {
-        disable "CheckedExceptions"
-        abortOnError true
-    }
-    compileOptions {
-        targetCompatibility 1.8
-        sourceCompatibility 1.8
-    }
-    kotlinOptions {
-        jvmTarget = JavaVersion.VERSION_1_8.toString()
-        languageVersion = "1.3"
-    }
-    testOptions {
-        unitTests.all {
-            useJUnitPlatform()
-            testLogging {
-                events "passed", "skipped", "failed"
-            }
-        }
-        unitTests {
-            includeAndroidResources = true
-        }
-    }
-
-    sourceSets {
-        test {
-            java.srcDirs += "$projectDir/src/sharedTest/java"
-        }
-        androidTest {
-            java.srcDirs += "$projectDir/src/sharedTest/java"
-        }
-    }
-
-    signingConfigs {
-        aosp {
-            // Generated from the AOSP platform key:
-            // https://android.googlesource.com/platform/build/+/refs/tags/android-11.0.0_r29/target/product/security/platform.pk8
-            keyAlias "platform"
-            keyPassword "platform"
-            storeFile file("platform.jks")
-            storePassword "platform"
-        }
-    }
-
-    buildTypes.release.signingConfig = signingConfigs.aosp
-    buildTypes.debug.signingConfig = signingConfigs.aosp
-}
-
-dependencies {
-    compileOnly rootProject.ext.aosp_libs
-
-    /**
-     * Dependencies in AOSP
-     *
-     * We try to keep the dependencies in sync with what AOSP ships as Seedvault is meant to be built
-     * with the AOSP build system and gradle builds are just for more pleasant development.
-     * Using the AOSP versions in gradle builds allows us to spot issues early on.
-     */
-    implementation rootProject.ext.kotlin_libs.std
-    // These coroutine libraries get upgraded otherwise to versions incompatible with kotlin version
-    implementation rootProject.ext.kotlin_libs.coroutines
-
-    implementation rootProject.ext.std_libs.androidx_core
-    // A newer version gets pulled in with AOSP via core, so we include fragment here explicitly
-    implementation rootProject.ext.std_libs.androidx_fragment
-    implementation rootProject.ext.std_libs.androidx_preference
-    implementation rootProject.ext.std_libs.androidx_lifecycle_viewmodel_ktx
-    implementation rootProject.ext.std_libs.androidx_lifecycle_livedata_ktx
-    implementation rootProject.ext.std_libs.androidx_constraintlayout
-    implementation rootProject.ext.std_libs.androidx_documentfile
-    implementation rootProject.ext.std_libs.com_google_android_material
-
-    /**
-     * Storage Dependencies
-     */
-    implementation project(':storage:lib')
-//    implementation fileTree(include: ['storage.aar'], dir: "${rootProject.rootDir}/storage/lib/libs")
-
-    /**
-     * External Dependencies
-     *
-     * If the dependencies below are updated,
-     * please make sure to update the prebuilt libraries and the Android.bp files
-     * in the top-level `libs` folder to reflect that.
-     * You can copy these libraries from ~/.gradle/caches/modules-2
-     */
-    // later versions than 2.1.1 require newer kotlin version
-    implementation fileTree(include: ['*.jar'], dir: "${rootProject.rootDir}/libs/koin-android")
-    implementation fileTree(include: ['*.aar'], dir: "${rootProject.rootDir}/libs/koin-android")
-
-    implementation fileTree(include: ['kotlin-bip39-1.0.2.jar'], dir: "${rootProject.rootDir}/libs")
-
-    /**
-     * Test Dependencies (do not concern the AOSP build)
-     */
-    lintChecks rootProject.ext.lint_libs.exceptions
-
-    // anything less than 'implementation' fails tests run with gradlew
-    testImplementation rootProject.ext.aosp_libs
-    testImplementation 'androidx.test.ext:junit:1.1.2'
-    testImplementation('org.robolectric:robolectric:4.3.1') { // 4.4 has issue with non-idle Looper
-        // https://github.com/robolectric/robolectric/issues/5245
-        exclude group: "com.google.auto.service", module: "auto-service"
-    }
-    testImplementation "org.junit.jupiter:junit-jupiter-api:$junit5_version"
-    testImplementation "org.junit.jupiter:junit-jupiter-params:$junit5_version"
-    testImplementation "io.mockk:mockk:$mockk_version"
-    testImplementation 'org.bitcoinj:bitcoinj-core:0.15.10'
-    testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine:$junit5_version"
-    testRuntimeOnly "org.junit.vintage:junit-vintage-engine:$junit5_version"
-
-    androidTestImplementation 'androidx.test:runner:1.3.0'
-    androidTestImplementation 'androidx.test:rules:1.3.0'
-    androidTestImplementation 'androidx.test.ext:junit:1.1.2'
-    androidTestImplementation "io.mockk:mockk-android:$mockk_version"
-}
-
-apply from: "${rootProject.rootDir}/gradle/ktlint.gradle"
-
-gradle.projectsEvaluated {
-    tasks.withType(JavaCompile) {
-        if (JavaVersion.current() >= JavaVersion.VERSION_1_9) {
-            options.compilerArgs.addAll(['--release', '8'])
-        }
-        options.compilerArgs.add('-Xbootclasspath/p:app/libs/android.jar:app/libs/libcore.jar')
-    }
-}
-
-// http://www.31mins.com/android-studio-build-system-application/
-preBuild.doLast {
-    def imlFile = file(project.name + ".iml")
-
-    try {
-        def parsedXml = (new XmlParser()).parse(imlFile)
-        def jdkNode = parsedXml.component[1].orderEntry.find { it.'@type' == 'jdk' }
-        parsedXml.component[1].remove(jdkNode)
-
-        def apiString = android.compileSdkVersion.substring("android-".length())
-        def sdkString = "Android API " + apiString + " Platform"
-        //noinspection GroovyResultOfObjectAllocationIgnored // the note gets inserted
-        new Node(parsedXml.component[1], 'orderEntry', [
-                'type'   : 'jdk',
-                'jdkName': sdkString,
-                'jdkType': 'Android SDK'
-        ])
-        XmlUtil.serialize(parsedXml, new FileOutputStream(imlFile))
-
-    } catch (NullPointerException | FileNotFoundException ex) {
-        ex.printStackTrace()
-    }
-}
-
-configurations {
-    all {
-        resolutionStrategy {
-            failOnNonReproducibleResolution()
-        }
-    }
-}

app/build.gradle.kts

@@ -0,0 +1,286 @@
+//
+// SPDX-FileCopyrightText: 2023 The Calyx Institute
+// SPDX-License-Identifier: Apache-2.0
+//
+
+import com.google.protobuf.gradle.id
+import org.gradle.api.tasks.testing.logging.TestExceptionFormat
+import java.io.ByteArrayOutputStream
+
+plugins {
+    alias(libs.plugins.android.application)
+    alias(libs.plugins.jetbrains.kotlin.android)
+    alias(libs.plugins.google.protobuf)
+}
+
+val gitDescribe = {
+    val stdout = ByteArrayOutputStream()
+    exec {
+        commandLine("git", "describe", "--always", "--tags", "--dirty=-dirty")
+        standardOutput = stdout
+    }
+    stdout.toString().trim()
+}
+
+android {
+    namespace = "com.stevesoltys.seedvault"
+    compileSdk = libs.versions.compileSdk.get().toInt()
+
+    defaultConfig {
+        minSdk = libs.versions.minSdk.get().toInt()
+        targetSdk = libs.versions.targetSdk.get().toInt()
+        versionNameSuffix = "-${gitDescribe()}"
+        testInstrumentationRunner = "com.stevesoltys.seedvault.KoinInstrumentationTestRunner"
+        testInstrumentationRunnerArguments["disableAnalytics"] = "true"
+    }
+
+    signingConfigs {
+        create("aosp") {
+            // Generated from the AOSP platform key:
+            // https://android.googlesource.com/platform/build/+/refs/tags/android-11.0.0_r29/target/product/security/platform.pk8
+            keyAlias = "platform"
+            keyPassword = "platform"
+            storeFile = file("development/platform.jks")
+            storePassword = "platform"
+        }
+    }
+
+    buildTypes {
+        all {
+            isMinifyEnabled = false
+        }
+
+        getByName("release").signingConfig = signingConfigs.getByName("aosp")
+        getByName("debug").signingConfig = signingConfigs.getByName("aosp")
+    }
+
+    compileOptions {
+        sourceCompatibility = JavaVersion.VERSION_17
+        targetCompatibility = JavaVersion.VERSION_17
+    }
+
+    kotlinOptions {
+        jvmTarget = JavaVersion.VERSION_17.toString()
+        languageVersion = "1.8"
+    }
+
+    packaging {
+        resources {
+            excludes += listOf("META-INF/LICENSE.md", "META-INF/LICENSE-notice.md")
+        }
+    }
+
+    testOptions.unitTests {
+        all { it.useJUnitPlatform() }
+
+        isIncludeAndroidResources = true
+    }
+
+    sourceSets {
+        named("test") {
+            java.srcDirs("$projectDir/src/sharedTest/java")
+        }
+        named("androidTest") {
+            java.srcDirs("$projectDir/src/sharedTest/java")
+        }
+    }
+
+    protobuf {
+        protoc {
+            artifact = if ("aarch64" == System.getProperty("os.arch")) {
+                // mac m1
+                "com.google.protobuf:protoc:${libs.versions.protobuf.get()}:osx-x86_64"
+            } else {
+                // other
+                "com.google.protobuf:protoc:${libs.versions.protobuf.get()}"
+            }
+        }
+        generateProtoTasks {
+            all().forEach { task ->
+                task.plugins {
+                    id("java") {
+                        option("lite")
+                    }
+                    id("kotlin") {
+                        option("lite")
+                    }
+                }
+            }
+        }
+    }
+
+    lint {
+        abortOnError = true
+
+        disable.clear()
+        disable += setOf(
+            "DialogFragmentCallbacksDetector",
+            "InvalidFragmentVersionForActivityResult",
+            "CheckedExceptions"
+        )
+    }
+}
+
+dependencies {
+    val aospLibs: FileTree by rootProject.extra
+    compileOnly(aospLibs)
+
+    /**
+     * Dependencies in AOSP
+     *
+     * We try to keep the dependencies in sync with what AOSP ships as Seedvault is meant to be built
+     * with the AOSP build system and gradle builds are just for more pleasant development.
+     * Using the AOSP versions in gradle builds allows us to spot issues early on.
+     */
+    implementation(libs.bundles.kotlin)
+    // These coroutine libraries get upgraded otherwise to versions incompatible with kotlin version
+    implementation(libs.bundles.coroutines)
+
+    implementation(libs.androidx.core)
+    // A newer version gets pulled in with AOSP via core, so we include fragment here explicitly
+    implementation(libs.androidx.fragment)
+    implementation(libs.androidx.activity)
+    implementation(libs.androidx.preference)
+    implementation(libs.androidx.lifecycle.viewmodel.ktx)
+    implementation(libs.androidx.lifecycle.livedata.ktx)
+    implementation(libs.androidx.constraintlayout)
+    implementation(libs.androidx.documentfile)
+    implementation(libs.androidx.work.runtime.ktx)
+    implementation(libs.google.material)
+
+    implementation(libs.google.protobuf.javalite)
+    implementation(libs.google.tink.android)
+    implementation(libs.kotlin.logging)
+    implementation(libs.squareup.okio)
+
+    /**
+     * Storage Dependencies
+     */
+    implementation(project(":core"))
+    implementation(project(":storage:lib"))
+
+    /**
+     * External Dependencies
+     *
+     * If the dependencies below are updated,
+     * please make sure to update the prebuilt libraries and the Android.bp files
+     * in the top-level `libs` folder to reflect that.
+     * You can copy these libraries from ~/.gradle/caches/modules-2/files-2.1
+     */
+    implementation(fileTree("${rootProject.rootDir}/libs/koin-android").include("*.jar"))
+    implementation(fileTree("${rootProject.rootDir}/libs/koin-android").include("*.aar"))
+
+    implementation(
+        fileTree("${rootProject.rootDir}/libs").include("protobuf-kotlin-lite-3.21.12.jar")
+    )
+    implementation(fileTree("${rootProject.rootDir}/libs").include("seedvault-chunker-0.1.jar"))
+    implementation(fileTree("${rootProject.rootDir}/libs").include("zstd-jni-1.5.6-5.aar"))
+    implementation(fileTree("${rootProject.rootDir}/libs").include("kotlin-bip39-jvm-1.0.8.jar"))
+    implementation(fileTree("${rootProject.rootDir}/libs").include("logback-android-3.0.0.aar"))
+
+    /**
+     * Test Dependencies (do not concern the AOSP build)
+     */
+    lintChecks(libs.thirdegg.lint.rules)
+
+    // anything less than 'implementation' fails tests run with gradlew
+    testImplementation(aospLibs)
+    testImplementation("androidx.test.ext:junit:1.1.5")
+    testImplementation("org.slf4j:slf4j-simple:2.0.3")
+    testImplementation("org.robolectric:robolectric:4.12.2")
+    testImplementation("org.hamcrest:hamcrest:2.2")
+    testImplementation("org.junit.jupiter:junit-jupiter-api:${libs.versions.junit5.get()}")
+    testImplementation("org.junit.jupiter:junit-jupiter-params:${libs.versions.junit5.get()}")
+    testImplementation("io.mockk:mockk:${libs.versions.mockk.get()}")
+    testImplementation(
+        "org.jetbrains.kotlinx:kotlinx-coroutines-test:${libs.versions.coroutines.get()}"
+    )
+    testImplementation("app.cash.turbine:turbine:1.0.0")
+    testImplementation("org.bitcoinj:bitcoinj-core:0.16.2")
+    testImplementation("com.github.luben:zstd-jni:1.5.6-5")
+    testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine:${libs.versions.junit5.get()}")
+    testRuntimeOnly("org.junit.vintage:junit-vintage-engine:${libs.versions.junit5.get()}")
+
+    androidTestImplementation(aospLibs)
+    androidTestImplementation(kotlin("test"))
+    androidTestImplementation("androidx.test:runner:1.4.0")
+    androidTestImplementation("androidx.test:rules:1.4.0")
+    androidTestImplementation("androidx.test.ext:junit:1.1.3")
+    androidTestImplementation("io.mockk:mockk-android:1.13.8")
+    androidTestImplementation("androidx.test.uiautomator:uiautomator:2.2.0")
+}
+
+gradle.projectsEvaluated {
+    tasks.withType(JavaCompile::class) {
+        options.compilerArgs.add("-Xbootclasspath/p:libs/aosp/android.jar:libs/aosp/libcore.jar")
+    }
+}
+
+tasks.withType<Test>().configureEach {
+    testLogging {
+        events("passed", "skipped", "failed")
+
+        showExceptions = true
+        showCauses = true
+        showStackTraces = true
+        exceptionFormat = TestExceptionFormat.FULL
+    }
+}
+
+configurations.all {
+    resolutionStrategy {
+        failOnNonReproducibleResolution()
+    }
+}
+
+tasks.register<Exec>("provisionEmulator") {
+    group = "emulator"
+
+    dependsOn(tasks.getByName("assembleRelease"))
+
+    doFirst {
+        commandLine(
+            "${project.projectDir}/development/scripts/provision_emulator.sh",
+            "seedvault",
+            "system-images;android-34;default;x86_64"
+        )
+
+        environment("ANDROID_HOME", android.sdkDirectory.absolutePath)
+        environment("JAVA_HOME", System.getProperty("java.home"))
+    }
+}
+
+tasks.register<Exec>("startEmulator") {
+    group = "emulator"
+
+    doFirst {
+        commandLine("${project.projectDir}/development/scripts/start_emulator.sh", "seedvault")
+
+        environment("ANDROID_HOME", android.sdkDirectory.absolutePath)
+        environment("JAVA_HOME", System.getProperty("java.home"))
+    }
+}
+
+tasks.register<Exec>("installEmulatorRelease") {
+    group = "emulator"
+
+    dependsOn(tasks.getByName("assembleRelease"))
+
+    doFirst {
+        commandLine("${project.projectDir}/development/scripts/install_app.sh")
+
+        environment("ANDROID_HOME", android.sdkDirectory.absolutePath)
+        environment("JAVA_HOME", System.getProperty("java.home"))
+    }
+}
+
+tasks.register<Exec>("clearEmulatorAppData") {
+    group = "emulator"
+
+    doFirst {
+        commandLine("${project.projectDir}/development/scripts/clear_app_data.sh")
+
+        environment("ANDROID_HOME", android.sdkDirectory.absolutePath)
+        environment("JAVA_HOME", System.getProperty("java.home"))
+    }
+}

app/build/generated/source/proto/debug/kotlin/com/stevesoltys/seedvault/proto/SnapshotKt.kt

@@ -0,0 +1,950 @@
+//Generated by the protocol buffer compiler. DO NOT EDIT!
+// source: snapshot.proto
+
+package com.stevesoltys.seedvault.proto;
+
+@kotlin.jvm.JvmName("-initializesnapshot")
+public inline fun snapshot(block: com.stevesoltys.seedvault.proto.SnapshotKt.Dsl.() -> kotlin.Unit): com.stevesoltys.seedvault.proto.Snapshot =
+  com.stevesoltys.seedvault.proto.SnapshotKt.Dsl._create(com.stevesoltys.seedvault.proto.Snapshot.newBuilder()).apply { block() }._build()
+public object SnapshotKt {
+  @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+  @com.google.protobuf.kotlin.ProtoDslMarker
+  public class Dsl private constructor(
+    private val _builder: com.stevesoltys.seedvault.proto.Snapshot.Builder
+  ) {
+    public companion object {
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.PublishedApi
+      internal fun _create(builder: com.stevesoltys.seedvault.proto.Snapshot.Builder): Dsl = Dsl(builder)
+    }
+
+    @kotlin.jvm.JvmSynthetic
+    @kotlin.PublishedApi
+    internal fun _build(): com.stevesoltys.seedvault.proto.Snapshot = _builder.build()
+
+    /**
+     * <code>uint32 version = 1;</code>
+     */
+    public var version: kotlin.Int
+      @JvmName("getVersion")
+      get() = _builder.getVersion()
+      @JvmName("setVersion")
+      set(value) {
+        _builder.setVersion(value)
+      }
+    /**
+     * <code>uint32 version = 1;</code>
+     */
+    public fun clearVersion() {
+      _builder.clearVersion()
+    }
+
+    /**
+     * <code>uint64 token = 2;</code>
+     */
+    public var token: kotlin.Long
+      @JvmName("getToken")
+      get() = _builder.getToken()
+      @JvmName("setToken")
+      set(value) {
+        _builder.setToken(value)
+      }
+    /**
+     * <code>uint64 token = 2;</code>
+     */
+    public fun clearToken() {
+      _builder.clearToken()
+    }
+
+    /**
+     * <code>string name = 3;</code>
+     */
+    public var name: kotlin.String
+      @JvmName("getName")
+      get() = _builder.getName()
+      @JvmName("setName")
+      set(value) {
+        _builder.setName(value)
+      }
+    /**
+     * <code>string name = 3;</code>
+     */
+    public fun clearName() {
+      _builder.clearName()
+    }
+
+    /**
+     * <code>string user = 4;</code>
+     */
+    public var user: kotlin.String
+      @JvmName("getUser")
+      get() = _builder.getUser()
+      @JvmName("setUser")
+      set(value) {
+        _builder.setUser(value)
+      }
+    /**
+     * <code>string user = 4;</code>
+     */
+    public fun clearUser() {
+      _builder.clearUser()
+    }
+
+    /**
+     * <code>string androidId = 5;</code>
+     */
+    public var androidId: kotlin.String
+      @JvmName("getAndroidId")
+      get() = _builder.getAndroidId()
+      @JvmName("setAndroidId")
+      set(value) {
+        _builder.setAndroidId(value)
+      }
+    /**
+     * <code>string androidId = 5;</code>
+     */
+    public fun clearAndroidId() {
+      _builder.clearAndroidId()
+    }
+
+    /**
+     * <code>uint32 sdkInt = 6;</code>
+     */
+    public var sdkInt: kotlin.Int
+      @JvmName("getSdkInt")
+      get() = _builder.getSdkInt()
+      @JvmName("setSdkInt")
+      set(value) {
+        _builder.setSdkInt(value)
+      }
+    /**
+     * <code>uint32 sdkInt = 6;</code>
+     */
+    public fun clearSdkInt() {
+      _builder.clearSdkInt()
+    }
+
+    /**
+     * <code>string androidIncremental = 7;</code>
+     */
+    public var androidIncremental: kotlin.String
+      @JvmName("getAndroidIncremental")
+      get() = _builder.getAndroidIncremental()
+      @JvmName("setAndroidIncremental")
+      set(value) {
+        _builder.setAndroidIncremental(value)
+      }
+    /**
+     * <code>string androidIncremental = 7;</code>
+     */
+    public fun clearAndroidIncremental() {
+      _builder.clearAndroidIncremental()
+    }
+
+    /**
+     * <code>bool d2d = 8;</code>
+     */
+    public var d2D: kotlin.Boolean
+      @JvmName("getD2D")
+      get() = _builder.getD2D()
+      @JvmName("setD2D")
+      set(value) {
+        _builder.setD2D(value)
+      }
+    /**
+     * <code>bool d2d = 8;</code>
+     */
+    public fun clearD2D() {
+      _builder.clearD2D()
+    }
+
+    /**
+     * An uninstantiable, behaviorless type to represent the field in
+     * generics.
+     */
+    @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+    public class AppsProxy private constructor() : com.google.protobuf.kotlin.DslProxy()
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.App&gt; apps = 9;</code>
+     */
+     public val apps: com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.App, AppsProxy>
+      @kotlin.jvm.JvmSynthetic
+      @JvmName("getAppsMap")
+      get() = com.google.protobuf.kotlin.DslMap(
+        _builder.getAppsMap()
+      )
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.App&gt; apps = 9;</code>
+     */
+    @JvmName("putApps")
+    public fun com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.App, AppsProxy>
+      .put(key: kotlin.String, value: com.stevesoltys.seedvault.proto.Snapshot.App) {
+         _builder.putApps(key, value)
+       }
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.App&gt; apps = 9;</code>
+     */
+    @kotlin.jvm.JvmSynthetic
+    @JvmName("setApps")
+    @Suppress("NOTHING_TO_INLINE")
+    public inline operator fun com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.App, AppsProxy>
+      .set(key: kotlin.String, value: com.stevesoltys.seedvault.proto.Snapshot.App) {
+         put(key, value)
+       }
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.App&gt; apps = 9;</code>
+     */
+    @kotlin.jvm.JvmSynthetic
+    @JvmName("removeApps")
+    public fun com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.App, AppsProxy>
+      .remove(key: kotlin.String) {
+         _builder.removeApps(key)
+       }
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.App&gt; apps = 9;</code>
+     */
+    @kotlin.jvm.JvmSynthetic
+    @JvmName("putAllApps")
+    public fun com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.App, AppsProxy>
+      .putAll(map: kotlin.collections.Map<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.App>) {
+         _builder.putAllApps(map)
+       }
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.App&gt; apps = 9;</code>
+     */
+    @kotlin.jvm.JvmSynthetic
+    @JvmName("clearApps")
+    public fun com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.App, AppsProxy>
+      .clear() {
+         _builder.clearApps()
+       }
+
+    /**
+     * An uninstantiable, behaviorless type to represent the field in
+     * generics.
+     */
+    @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+    public class IconChunkIdsProxy private constructor() : com.google.protobuf.kotlin.DslProxy()
+    /**
+     * <code>repeated bytes iconChunkIds = 10;</code>
+     */
+     public val iconChunkIds: com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, IconChunkIdsProxy>
+      @kotlin.jvm.JvmSynthetic
+      get() = com.google.protobuf.kotlin.DslList(
+        _builder.getIconChunkIdsList()
+      )
+    /**
+     * <code>repeated bytes iconChunkIds = 10;</code>
+     * @param value The iconChunkIds to add.
+     */
+    @kotlin.jvm.JvmSynthetic
+    @kotlin.jvm.JvmName("addIconChunkIds")
+    public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, IconChunkIdsProxy>.add(value: com.google.protobuf.ByteString) {
+      _builder.addIconChunkIds(value)
+    }/**
+     * <code>repeated bytes iconChunkIds = 10;</code>
+     * @param value The iconChunkIds to add.
+     */
+    @kotlin.jvm.JvmSynthetic
+    @kotlin.jvm.JvmName("plusAssignIconChunkIds")
+    @Suppress("NOTHING_TO_INLINE")
+    public inline operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, IconChunkIdsProxy>.plusAssign(value: com.google.protobuf.ByteString) {
+      add(value)
+    }/**
+     * <code>repeated bytes iconChunkIds = 10;</code>
+     * @param values The iconChunkIds to add.
+     */
+    @kotlin.jvm.JvmSynthetic
+    @kotlin.jvm.JvmName("addAllIconChunkIds")
+    public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, IconChunkIdsProxy>.addAll(values: kotlin.collections.Iterable<com.google.protobuf.ByteString>) {
+      _builder.addAllIconChunkIds(values)
+    }/**
+     * <code>repeated bytes iconChunkIds = 10;</code>
+     * @param values The iconChunkIds to add.
+     */
+    @kotlin.jvm.JvmSynthetic
+    @kotlin.jvm.JvmName("plusAssignAllIconChunkIds")
+    @Suppress("NOTHING_TO_INLINE")
+    public inline operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, IconChunkIdsProxy>.plusAssign(values: kotlin.collections.Iterable<com.google.protobuf.ByteString>) {
+      addAll(values)
+    }/**
+     * <code>repeated bytes iconChunkIds = 10;</code>
+     * @param index The index to set the value at.
+     * @param value The iconChunkIds to set.
+     */
+    @kotlin.jvm.JvmSynthetic
+    @kotlin.jvm.JvmName("setIconChunkIds")
+    public operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, IconChunkIdsProxy>.set(index: kotlin.Int, value: com.google.protobuf.ByteString) {
+      _builder.setIconChunkIds(index, value)
+    }/**
+     * <code>repeated bytes iconChunkIds = 10;</code>
+     */
+    @kotlin.jvm.JvmSynthetic
+    @kotlin.jvm.JvmName("clearIconChunkIds")
+    public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, IconChunkIdsProxy>.clear() {
+      _builder.clearIconChunkIds()
+    }
+    /**
+     * An uninstantiable, behaviorless type to represent the field in
+     * generics.
+     */
+    @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+    public class BlobsProxy private constructor() : com.google.protobuf.kotlin.DslProxy()
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.Blob&gt; blobs = 11;</code>
+     */
+     public val blobs: com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.Blob, BlobsProxy>
+      @kotlin.jvm.JvmSynthetic
+      @JvmName("getBlobsMap")
+      get() = com.google.protobuf.kotlin.DslMap(
+        _builder.getBlobsMap()
+      )
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.Blob&gt; blobs = 11;</code>
+     */
+    @JvmName("putBlobs")
+    public fun com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.Blob, BlobsProxy>
+      .put(key: kotlin.String, value: com.stevesoltys.seedvault.proto.Snapshot.Blob) {
+         _builder.putBlobs(key, value)
+       }
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.Blob&gt; blobs = 11;</code>
+     */
+    @kotlin.jvm.JvmSynthetic
+    @JvmName("setBlobs")
+    @Suppress("NOTHING_TO_INLINE")
+    public inline operator fun com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.Blob, BlobsProxy>
+      .set(key: kotlin.String, value: com.stevesoltys.seedvault.proto.Snapshot.Blob) {
+         put(key, value)
+       }
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.Blob&gt; blobs = 11;</code>
+     */
+    @kotlin.jvm.JvmSynthetic
+    @JvmName("removeBlobs")
+    public fun com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.Blob, BlobsProxy>
+      .remove(key: kotlin.String) {
+         _builder.removeBlobs(key)
+       }
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.Blob&gt; blobs = 11;</code>
+     */
+    @kotlin.jvm.JvmSynthetic
+    @JvmName("putAllBlobs")
+    public fun com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.Blob, BlobsProxy>
+      .putAll(map: kotlin.collections.Map<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.Blob>) {
+         _builder.putAllBlobs(map)
+       }
+    /**
+     * <code>map&lt;string, .com.stevesoltys.seedvault.proto.Snapshot.Blob&gt; blobs = 11;</code>
+     */
+    @kotlin.jvm.JvmSynthetic
+    @JvmName("clearBlobs")
+    public fun com.google.protobuf.kotlin.DslMap<kotlin.String, com.stevesoltys.seedvault.proto.Snapshot.Blob, BlobsProxy>
+      .clear() {
+         _builder.clearBlobs()
+       }
+  }
+  @kotlin.jvm.JvmName("-initializeapp")
+  public inline fun app(block: com.stevesoltys.seedvault.proto.SnapshotKt.AppKt.Dsl.() -> kotlin.Unit): com.stevesoltys.seedvault.proto.Snapshot.App =
+    com.stevesoltys.seedvault.proto.SnapshotKt.AppKt.Dsl._create(com.stevesoltys.seedvault.proto.Snapshot.App.newBuilder()).apply { block() }._build()
+  public object AppKt {
+    @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+    @com.google.protobuf.kotlin.ProtoDslMarker
+    public class Dsl private constructor(
+      private val _builder: com.stevesoltys.seedvault.proto.Snapshot.App.Builder
+    ) {
+      public companion object {
+        @kotlin.jvm.JvmSynthetic
+        @kotlin.PublishedApi
+        internal fun _create(builder: com.stevesoltys.seedvault.proto.Snapshot.App.Builder): Dsl = Dsl(builder)
+      }
+
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.PublishedApi
+      internal fun _build(): com.stevesoltys.seedvault.proto.Snapshot.App = _builder.build()
+
+      /**
+       * <code>uint64 time = 1;</code>
+       */
+      public var time: kotlin.Long
+        @JvmName("getTime")
+        get() = _builder.getTime()
+        @JvmName("setTime")
+        set(value) {
+          _builder.setTime(value)
+        }
+      /**
+       * <code>uint64 time = 1;</code>
+       */
+      public fun clearTime() {
+        _builder.clearTime()
+      }
+
+      /**
+       * <code>.com.stevesoltys.seedvault.proto.Snapshot.BackupType type = 2;</code>
+       */
+      public var type: com.stevesoltys.seedvault.proto.Snapshot.BackupType
+        @JvmName("getType")
+        get() = _builder.getType()
+        @JvmName("setType")
+        set(value) {
+          _builder.setType(value)
+        }
+      /**
+       * <code>.com.stevesoltys.seedvault.proto.Snapshot.BackupType type = 2;</code>
+       */
+      public fun clearType() {
+        _builder.clearType()
+      }
+
+      /**
+       * <code>string name = 3;</code>
+       */
+      public var name: kotlin.String
+        @JvmName("getName")
+        get() = _builder.getName()
+        @JvmName("setName")
+        set(value) {
+          _builder.setName(value)
+        }
+      /**
+       * <code>string name = 3;</code>
+       */
+      public fun clearName() {
+        _builder.clearName()
+      }
+
+      /**
+       * <code>bool system = 4;</code>
+       */
+      public var system: kotlin.Boolean
+        @JvmName("getSystem")
+        get() = _builder.getSystem()
+        @JvmName("setSystem")
+        set(value) {
+          _builder.setSystem(value)
+        }
+      /**
+       * <code>bool system = 4;</code>
+       */
+      public fun clearSystem() {
+        _builder.clearSystem()
+      }
+
+      /**
+       * <code>bool launchableSystemApp = 5;</code>
+       */
+      public var launchableSystemApp: kotlin.Boolean
+        @JvmName("getLaunchableSystemApp")
+        get() = _builder.getLaunchableSystemApp()
+        @JvmName("setLaunchableSystemApp")
+        set(value) {
+          _builder.setLaunchableSystemApp(value)
+        }
+      /**
+       * <code>bool launchableSystemApp = 5;</code>
+       */
+      public fun clearLaunchableSystemApp() {
+        _builder.clearLaunchableSystemApp()
+      }
+
+      /**
+       * An uninstantiable, behaviorless type to represent the field in
+       * generics.
+       */
+      @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+      public class ChunkIdsProxy private constructor() : com.google.protobuf.kotlin.DslProxy()
+      /**
+       * <code>repeated bytes chunkIds = 6;</code>
+       */
+       public val chunkIds: com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>
+        @kotlin.jvm.JvmSynthetic
+        get() = com.google.protobuf.kotlin.DslList(
+          _builder.getChunkIdsList()
+        )
+      /**
+       * <code>repeated bytes chunkIds = 6;</code>
+       * @param value The chunkIds to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("addChunkIds")
+      public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.add(value: com.google.protobuf.ByteString) {
+        _builder.addChunkIds(value)
+      }/**
+       * <code>repeated bytes chunkIds = 6;</code>
+       * @param value The chunkIds to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("plusAssignChunkIds")
+      @Suppress("NOTHING_TO_INLINE")
+      public inline operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.plusAssign(value: com.google.protobuf.ByteString) {
+        add(value)
+      }/**
+       * <code>repeated bytes chunkIds = 6;</code>
+       * @param values The chunkIds to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("addAllChunkIds")
+      public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.addAll(values: kotlin.collections.Iterable<com.google.protobuf.ByteString>) {
+        _builder.addAllChunkIds(values)
+      }/**
+       * <code>repeated bytes chunkIds = 6;</code>
+       * @param values The chunkIds to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("plusAssignAllChunkIds")
+      @Suppress("NOTHING_TO_INLINE")
+      public inline operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.plusAssign(values: kotlin.collections.Iterable<com.google.protobuf.ByteString>) {
+        addAll(values)
+      }/**
+       * <code>repeated bytes chunkIds = 6;</code>
+       * @param index The index to set the value at.
+       * @param value The chunkIds to set.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("setChunkIds")
+      public operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.set(index: kotlin.Int, value: com.google.protobuf.ByteString) {
+        _builder.setChunkIds(index, value)
+      }/**
+       * <code>repeated bytes chunkIds = 6;</code>
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("clearChunkIds")
+      public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.clear() {
+        _builder.clearChunkIds()
+      }
+      /**
+       * <code>.com.stevesoltys.seedvault.proto.Snapshot.Apk apk = 7;</code>
+       */
+      public var apk: com.stevesoltys.seedvault.proto.Snapshot.Apk
+        @JvmName("getApk")
+        get() = _builder.getApk()
+        @JvmName("setApk")
+        set(value) {
+          _builder.setApk(value)
+        }
+      /**
+       * <code>.com.stevesoltys.seedvault.proto.Snapshot.Apk apk = 7;</code>
+       */
+      public fun clearApk() {
+        _builder.clearApk()
+      }
+      /**
+       * <code>.com.stevesoltys.seedvault.proto.Snapshot.Apk apk = 7;</code>
+       * @return Whether the apk field is set.
+       */
+      public fun hasApk(): kotlin.Boolean {
+        return _builder.hasApk()
+      }
+
+      /**
+       * <code>uint64 size = 8;</code>
+       */
+      public var size: kotlin.Long
+        @JvmName("getSize")
+        get() = _builder.getSize()
+        @JvmName("setSize")
+        set(value) {
+          _builder.setSize(value)
+        }
+      /**
+       * <code>uint64 size = 8;</code>
+       */
+      public fun clearSize() {
+        _builder.clearSize()
+      }
+    }
+  }
+  @kotlin.jvm.JvmName("-initializeapk")
+  public inline fun apk(block: com.stevesoltys.seedvault.proto.SnapshotKt.ApkKt.Dsl.() -> kotlin.Unit): com.stevesoltys.seedvault.proto.Snapshot.Apk =
+    com.stevesoltys.seedvault.proto.SnapshotKt.ApkKt.Dsl._create(com.stevesoltys.seedvault.proto.Snapshot.Apk.newBuilder()).apply { block() }._build()
+  public object ApkKt {
+    @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+    @com.google.protobuf.kotlin.ProtoDslMarker
+    public class Dsl private constructor(
+      private val _builder: com.stevesoltys.seedvault.proto.Snapshot.Apk.Builder
+    ) {
+      public companion object {
+        @kotlin.jvm.JvmSynthetic
+        @kotlin.PublishedApi
+        internal fun _create(builder: com.stevesoltys.seedvault.proto.Snapshot.Apk.Builder): Dsl = Dsl(builder)
+      }
+
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.PublishedApi
+      internal fun _build(): com.stevesoltys.seedvault.proto.Snapshot.Apk = _builder.build()
+
+      /**
+       * <pre>
+       **
+       * Attention: Has default value of 0
+       * </pre>
+       *
+       * <code>uint64 versionCode = 1;</code>
+       */
+      public var versionCode: kotlin.Long
+        @JvmName("getVersionCode")
+        get() = _builder.getVersionCode()
+        @JvmName("setVersionCode")
+        set(value) {
+          _builder.setVersionCode(value)
+        }
+      /**
+       * <pre>
+       **
+       * Attention: Has default value of 0
+       * </pre>
+       *
+       * <code>uint64 versionCode = 1;</code>
+       */
+      public fun clearVersionCode() {
+        _builder.clearVersionCode()
+      }
+
+      /**
+       * <code>string installer = 2;</code>
+       */
+      public var installer: kotlin.String
+        @JvmName("getInstaller")
+        get() = _builder.getInstaller()
+        @JvmName("setInstaller")
+        set(value) {
+          _builder.setInstaller(value)
+        }
+      /**
+       * <code>string installer = 2;</code>
+       */
+      public fun clearInstaller() {
+        _builder.clearInstaller()
+      }
+
+      /**
+       * An uninstantiable, behaviorless type to represent the field in
+       * generics.
+       */
+      @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+      public class SignaturesProxy private constructor() : com.google.protobuf.kotlin.DslProxy()
+      /**
+       * <code>repeated bytes signatures = 3;</code>
+       */
+       public val signatures: com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, SignaturesProxy>
+        @kotlin.jvm.JvmSynthetic
+        get() = com.google.protobuf.kotlin.DslList(
+          _builder.getSignaturesList()
+        )
+      /**
+       * <code>repeated bytes signatures = 3;</code>
+       * @param value The signatures to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("addSignatures")
+      public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, SignaturesProxy>.add(value: com.google.protobuf.ByteString) {
+        _builder.addSignatures(value)
+      }/**
+       * <code>repeated bytes signatures = 3;</code>
+       * @param value The signatures to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("plusAssignSignatures")
+      @Suppress("NOTHING_TO_INLINE")
+      public inline operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, SignaturesProxy>.plusAssign(value: com.google.protobuf.ByteString) {
+        add(value)
+      }/**
+       * <code>repeated bytes signatures = 3;</code>
+       * @param values The signatures to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("addAllSignatures")
+      public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, SignaturesProxy>.addAll(values: kotlin.collections.Iterable<com.google.protobuf.ByteString>) {
+        _builder.addAllSignatures(values)
+      }/**
+       * <code>repeated bytes signatures = 3;</code>
+       * @param values The signatures to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("plusAssignAllSignatures")
+      @Suppress("NOTHING_TO_INLINE")
+      public inline operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, SignaturesProxy>.plusAssign(values: kotlin.collections.Iterable<com.google.protobuf.ByteString>) {
+        addAll(values)
+      }/**
+       * <code>repeated bytes signatures = 3;</code>
+       * @param index The index to set the value at.
+       * @param value The signatures to set.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("setSignatures")
+      public operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, SignaturesProxy>.set(index: kotlin.Int, value: com.google.protobuf.ByteString) {
+        _builder.setSignatures(index, value)
+      }/**
+       * <code>repeated bytes signatures = 3;</code>
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("clearSignatures")
+      public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, SignaturesProxy>.clear() {
+        _builder.clearSignatures()
+      }
+      /**
+       * An uninstantiable, behaviorless type to represent the field in
+       * generics.
+       */
+      @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+      public class SplitsProxy private constructor() : com.google.protobuf.kotlin.DslProxy()
+      /**
+       * <code>repeated .com.stevesoltys.seedvault.proto.Snapshot.Split splits = 4;</code>
+       */
+       public val splits: com.google.protobuf.kotlin.DslList<com.stevesoltys.seedvault.proto.Snapshot.Split, SplitsProxy>
+        @kotlin.jvm.JvmSynthetic
+        get() = com.google.protobuf.kotlin.DslList(
+          _builder.getSplitsList()
+        )
+      /**
+       * <code>repeated .com.stevesoltys.seedvault.proto.Snapshot.Split splits = 4;</code>
+       * @param value The splits to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("addSplits")
+      public fun com.google.protobuf.kotlin.DslList<com.stevesoltys.seedvault.proto.Snapshot.Split, SplitsProxy>.add(value: com.stevesoltys.seedvault.proto.Snapshot.Split) {
+        _builder.addSplits(value)
+      }
+      /**
+       * <code>repeated .com.stevesoltys.seedvault.proto.Snapshot.Split splits = 4;</code>
+       * @param value The splits to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("plusAssignSplits")
+      @Suppress("NOTHING_TO_INLINE")
+      public inline operator fun com.google.protobuf.kotlin.DslList<com.stevesoltys.seedvault.proto.Snapshot.Split, SplitsProxy>.plusAssign(value: com.stevesoltys.seedvault.proto.Snapshot.Split) {
+        add(value)
+      }
+      /**
+       * <code>repeated .com.stevesoltys.seedvault.proto.Snapshot.Split splits = 4;</code>
+       * @param values The splits to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("addAllSplits")
+      public fun com.google.protobuf.kotlin.DslList<com.stevesoltys.seedvault.proto.Snapshot.Split, SplitsProxy>.addAll(values: kotlin.collections.Iterable<com.stevesoltys.seedvault.proto.Snapshot.Split>) {
+        _builder.addAllSplits(values)
+      }
+      /**
+       * <code>repeated .com.stevesoltys.seedvault.proto.Snapshot.Split splits = 4;</code>
+       * @param values The splits to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("plusAssignAllSplits")
+      @Suppress("NOTHING_TO_INLINE")
+      public inline operator fun com.google.protobuf.kotlin.DslList<com.stevesoltys.seedvault.proto.Snapshot.Split, SplitsProxy>.plusAssign(values: kotlin.collections.Iterable<com.stevesoltys.seedvault.proto.Snapshot.Split>) {
+        addAll(values)
+      }
+      /**
+       * <code>repeated .com.stevesoltys.seedvault.proto.Snapshot.Split splits = 4;</code>
+       * @param index The index to set the value at.
+       * @param value The splits to set.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("setSplits")
+      public operator fun com.google.protobuf.kotlin.DslList<com.stevesoltys.seedvault.proto.Snapshot.Split, SplitsProxy>.set(index: kotlin.Int, value: com.stevesoltys.seedvault.proto.Snapshot.Split) {
+        _builder.setSplits(index, value)
+      }
+      /**
+       * <code>repeated .com.stevesoltys.seedvault.proto.Snapshot.Split splits = 4;</code>
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("clearSplits")
+      public fun com.google.protobuf.kotlin.DslList<com.stevesoltys.seedvault.proto.Snapshot.Split, SplitsProxy>.clear() {
+        _builder.clearSplits()
+      }
+    }
+  }
+  @kotlin.jvm.JvmName("-initializesplit")
+  public inline fun split(block: com.stevesoltys.seedvault.proto.SnapshotKt.SplitKt.Dsl.() -> kotlin.Unit): com.stevesoltys.seedvault.proto.Snapshot.Split =
+    com.stevesoltys.seedvault.proto.SnapshotKt.SplitKt.Dsl._create(com.stevesoltys.seedvault.proto.Snapshot.Split.newBuilder()).apply { block() }._build()
+  public object SplitKt {
+    @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+    @com.google.protobuf.kotlin.ProtoDslMarker
+    public class Dsl private constructor(
+      private val _builder: com.stevesoltys.seedvault.proto.Snapshot.Split.Builder
+    ) {
+      public companion object {
+        @kotlin.jvm.JvmSynthetic
+        @kotlin.PublishedApi
+        internal fun _create(builder: com.stevesoltys.seedvault.proto.Snapshot.Split.Builder): Dsl = Dsl(builder)
+      }
+
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.PublishedApi
+      internal fun _build(): com.stevesoltys.seedvault.proto.Snapshot.Split = _builder.build()
+
+      /**
+       * <code>string name = 1;</code>
+       */
+      public var name: kotlin.String
+        @JvmName("getName")
+        get() = _builder.getName()
+        @JvmName("setName")
+        set(value) {
+          _builder.setName(value)
+        }
+      /**
+       * <code>string name = 1;</code>
+       */
+      public fun clearName() {
+        _builder.clearName()
+      }
+
+      /**
+       * An uninstantiable, behaviorless type to represent the field in
+       * generics.
+       */
+      @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+      public class ChunkIdsProxy private constructor() : com.google.protobuf.kotlin.DslProxy()
+      /**
+       * <code>repeated bytes chunkIds = 2;</code>
+       */
+       public val chunkIds: com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>
+        @kotlin.jvm.JvmSynthetic
+        get() = com.google.protobuf.kotlin.DslList(
+          _builder.getChunkIdsList()
+        )
+      /**
+       * <code>repeated bytes chunkIds = 2;</code>
+       * @param value The chunkIds to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("addChunkIds")
+      public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.add(value: com.google.protobuf.ByteString) {
+        _builder.addChunkIds(value)
+      }/**
+       * <code>repeated bytes chunkIds = 2;</code>
+       * @param value The chunkIds to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("plusAssignChunkIds")
+      @Suppress("NOTHING_TO_INLINE")
+      public inline operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.plusAssign(value: com.google.protobuf.ByteString) {
+        add(value)
+      }/**
+       * <code>repeated bytes chunkIds = 2;</code>
+       * @param values The chunkIds to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("addAllChunkIds")
+      public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.addAll(values: kotlin.collections.Iterable<com.google.protobuf.ByteString>) {
+        _builder.addAllChunkIds(values)
+      }/**
+       * <code>repeated bytes chunkIds = 2;</code>
+       * @param values The chunkIds to add.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("plusAssignAllChunkIds")
+      @Suppress("NOTHING_TO_INLINE")
+      public inline operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.plusAssign(values: kotlin.collections.Iterable<com.google.protobuf.ByteString>) {
+        addAll(values)
+      }/**
+       * <code>repeated bytes chunkIds = 2;</code>
+       * @param index The index to set the value at.
+       * @param value The chunkIds to set.
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("setChunkIds")
+      public operator fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.set(index: kotlin.Int, value: com.google.protobuf.ByteString) {
+        _builder.setChunkIds(index, value)
+      }/**
+       * <code>repeated bytes chunkIds = 2;</code>
+       */
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.jvm.JvmName("clearChunkIds")
+      public fun com.google.protobuf.kotlin.DslList<com.google.protobuf.ByteString, ChunkIdsProxy>.clear() {
+        _builder.clearChunkIds()
+      }}
+  }
+  @kotlin.jvm.JvmName("-initializeblob")
+  public inline fun blob(block: com.stevesoltys.seedvault.proto.SnapshotKt.BlobKt.Dsl.() -> kotlin.Unit): com.stevesoltys.seedvault.proto.Snapshot.Blob =
+    com.stevesoltys.seedvault.proto.SnapshotKt.BlobKt.Dsl._create(com.stevesoltys.seedvault.proto.Snapshot.Blob.newBuilder()).apply { block() }._build()
+  public object BlobKt {
+    @kotlin.OptIn(com.google.protobuf.kotlin.OnlyForUseByGeneratedProtoCode::class)
+    @com.google.protobuf.kotlin.ProtoDslMarker
+    public class Dsl private constructor(
+      private val _builder: com.stevesoltys.seedvault.proto.Snapshot.Blob.Builder
+    ) {
+      public companion object {
+        @kotlin.jvm.JvmSynthetic
+        @kotlin.PublishedApi
+        internal fun _create(builder: com.stevesoltys.seedvault.proto.Snapshot.Blob.Builder): Dsl = Dsl(builder)
+      }
+
+      @kotlin.jvm.JvmSynthetic
+      @kotlin.PublishedApi
+      internal fun _build(): com.stevesoltys.seedvault.proto.Snapshot.Blob = _builder.build()
+
+      /**
+       * <code>bytes id = 1;</code>
+       */
+      public var id: com.google.protobuf.ByteString
+        @JvmName("getId")
+        get() = _builder.getId()
+        @JvmName("setId")
+        set(value) {
+          _builder.setId(value)
+        }
+      /**
+       * <code>bytes id = 1;</code>
+       */
+      public fun clearId() {
+        _builder.clearId()
+      }
+
+      /**
+       * <code>uint32 length = 2;</code>
+       */
+      public var length: kotlin.Int
+        @JvmName("getLength")
+        get() = _builder.getLength()
+        @JvmName("setLength")
+        set(value) {
+          _builder.setLength(value)
+        }
+      /**
+       * <code>uint32 length = 2;</code>
+       */
+      public fun clearLength() {
+        _builder.clearLength()
+      }
+
+      /**
+       * <code>uint32 uncompressedLength = 3;</code>
+       */
+      public var uncompressedLength: kotlin.Int
+        @JvmName("getUncompressedLength")
+        get() = _builder.getUncompressedLength()
+        @JvmName("setUncompressedLength")
+        set(value) {
+          _builder.setUncompressedLength(value)
+        }
+      /**
+       * <code>uint32 uncompressedLength = 3;</code>
+       */
+      public fun clearUncompressedLength() {
+        _builder.clearUncompressedLength()
+      }
+    }
+  }
+}
+public inline fun com.stevesoltys.seedvault.proto.Snapshot.copy(block: com.stevesoltys.seedvault.proto.SnapshotKt.Dsl.() -> kotlin.Unit): com.stevesoltys.seedvault.proto.Snapshot =
+  com.stevesoltys.seedvault.proto.SnapshotKt.Dsl._create(this.toBuilder()).apply { block() }._build()
+
+public inline fun com.stevesoltys.seedvault.proto.Snapshot.App.copy(block: com.stevesoltys.seedvault.proto.SnapshotKt.AppKt.Dsl.() -> kotlin.Unit): com.stevesoltys.seedvault.proto.Snapshot.App =
+  com.stevesoltys.seedvault.proto.SnapshotKt.AppKt.Dsl._create(this.toBuilder()).apply { block() }._build()
+
+public val com.stevesoltys.seedvault.proto.Snapshot.AppOrBuilder.apkOrNull: com.stevesoltys.seedvault.proto.Snapshot.Apk?
+  get() = if (hasApk()) getApk() else null
+
+public inline fun com.stevesoltys.seedvault.proto.Snapshot.Apk.copy(block: com.stevesoltys.seedvault.proto.SnapshotKt.ApkKt.Dsl.() -> kotlin.Unit): com.stevesoltys.seedvault.proto.Snapshot.Apk =
+  com.stevesoltys.seedvault.proto.SnapshotKt.ApkKt.Dsl._create(this.toBuilder()).apply { block() }._build()
+
+public inline fun com.stevesoltys.seedvault.proto.Snapshot.Split.copy(block: com.stevesoltys.seedvault.proto.SnapshotKt.SplitKt.Dsl.() -> kotlin.Unit): com.stevesoltys.seedvault.proto.Snapshot.Split =
+  com.stevesoltys.seedvault.proto.SnapshotKt.SplitKt.Dsl._create(this.toBuilder()).apply { block() }._build()
+
+public inline fun com.stevesoltys.seedvault.proto.Snapshot.Blob.copy(block: com.stevesoltys.seedvault.proto.SnapshotKt.BlobKt.Dsl.() -> kotlin.Unit): com.stevesoltys.seedvault.proto.Snapshot.Blob =
+  com.stevesoltys.seedvault.proto.SnapshotKt.BlobKt.Dsl._create(this.toBuilder()).apply { block() }._build()
+

app/development/DEVELOPMENT.md

@@ -0,0 +1,50 @@
+# Development
+
+## Using an emulator
+
+It is possible to install and run Seedvault in an emulator. This is likely the path of least resistance, since you don't need to build AOSP from source to make and test code changes.
+
+It's also helpful for quickly testing Seedvault on newer versions of Android.
+Please note that this process has only been tested on Linux.
+
+### Setup
+
+After opening the project in Android Studio, try running the `app:provisionEmulator` Gradle task.
+
+This task runs the script in `scripts/provision_emulator.sh`:
+
+```bash
+./app/development/scripts/provision_emulator.sh "seedvault" "system-images;android-33;google_apis;x86_64"
+```   
+
+### Starting the emulator
+
+You should use the Gradle task `app:startEmulator` to develop with the emulator. This is to ensure  
+the `-writable-system` flag is set when the emulator starts (required to install Seedvault).
+
+This task runs the script in `scripts/start_emulator.sh`:
+
+```bash  
+./app/development/scripts/start_emulator.sh "seedvault"
+```  
+
+### Testing changes
+
+Once the emulator is provisioned and running, you should be able to use the `app:installEmulatorRelease`  
+Gradle task to install updates.
+
+This task depends on `app:assembleRelease` and runs the script in `scripts/install_app.sh`:
+
+```bash
+./app/development/scripts/install_app.sh
+```
+
+There's also an Android Studio [runtime configuration](https://developer.android.com/studio/run/rundebugconfig) `app-emulator` which will build, install, and automatically launch the `com.stevesoltys.seedvault.settings.SettingsActivity` as if you clicked `Backup` in settings.
+
+### Notes
+
+The `MANAGE_DOCUMENTS` permission will not be granted unless you are using a base AOSP    
+image. Currently by default we are using the `google-apis` version of the image, which does not provide the    
+permission because it is not signed with the test platform key.
+
+The [generic AOSP images](https://developer.android.com/topic/generic-system-image/releases) are signed with the test platform key, but at the time of writing there is no AOSP emulator image for Android 13 in the default SDK manager repositories. 

app/development/scripts/clear_app_data.sh

@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+#
+# SPDX-FileCopyrightText: 2023 The Calyx Institute
+# SPDX-License-Identifier: Apache-2.0
+#
+
+# assert ANDROID_HOME is set
+if [ -z "$ANDROID_HOME" ]; then
+  echo "ANDROID_HOME is not set"
+  exit 1
+fi
+
+SCRIPT_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)
+DEVELOPMENT_DIR=$SCRIPT_DIR/..
+ROOT_PROJECT_DIR=$SCRIPT_DIR/../../..
+
+EMULATOR_DEVICE_NAME=$($ANDROID_HOME/platform-tools/adb devices | grep emulator | cut -f1)
+
+if [ -z "$EMULATOR_DEVICE_NAME" ]; then
+  echo "Emulator device name not found"
+  exit 1
+fi
+
+ADB="$ANDROID_HOME/platform-tools/adb -s $EMULATOR_DEVICE_NAME"
+
+$ADB shell pm clear com.stevesoltys.seedvault

app/development/scripts/install_app.sh

@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+#
+# SPDX-FileCopyrightText: 2023 The Calyx Institute
+# SPDX-License-Identifier: Apache-2.0
+#
+
+# assert ANDROID_HOME is set
+if [ -z "$ANDROID_HOME" ]; then
+  echo "ANDROID_HOME is not set"
+  exit 1
+fi
+
+SCRIPT_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)
+ROOT_PROJECT_DIR=$SCRIPT_DIR/../../..
+
+EMULATOR_DEVICE_NAME=$("$ANDROID_HOME"/platform-tools/adb devices | grep emulator | cut -f1)
+
+if [ -z "$EMULATOR_DEVICE_NAME" ]; then
+  echo "Emulator device name not found"
+  exit 1
+fi
+
+ADB="$ANDROID_HOME/platform-tools/adb -s $EMULATOR_DEVICE_NAME"
+
+$ADB root
+sleep 3      # wait for adb to restart
+$ADB remount # remount /system as writable
+
+echo "Installing Seedvault app..."
+$ADB shell mkdir -p /system/priv-app/Seedvault
+$ADB push "$ROOT_PROJECT_DIR"/app/build/outputs/apk/release/app-release.apk /system/priv-app/Seedvault/Seedvault.apk
+
+echo "Installing Seedvault permissions..."
+$ADB push "$ROOT_PROJECT_DIR"/permissions_com.stevesoltys.seedvault.xml /system/etc/permissions/privapp-permissions-seedvault.xml
+$ADB push "$ROOT_PROJECT_DIR"/allowlist_com.stevesoltys.seedvault.xml /system/etc/sysconfig/allowlist-seedvault.xml
+$ADB shell am broadcast -a android.intent.action.BOOT_COMPLETED

app/development/scripts/provision_emulator.sh

@@ -0,0 +1,103 @@
+#!/usr/bin/env bash
+#
+# SPDX-FileCopyrightText: 2023 The Calyx Institute
+# SPDX-License-Identifier: Apache-2.0
+#
+
+# assert ANDROID_HOME is set
+if [ -z "$ANDROID_HOME" ]; then
+  echo "ANDROID_HOME is not set"
+  exit 1
+fi
+
+# assert 2 parameters are provided
+if [ $# -ne 2 ]; then
+  echo "Usage: $0 <emulator_name> <system_image>"
+  exit 1
+fi
+
+EMULATOR_NAME=$1
+SYSTEM_IMAGE=$2
+
+SCRIPT_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)
+
+echo "Downloading system image..."
+yes | "$ANDROID_HOME"/cmdline-tools/latest/bin/sdkmanager --install "$SYSTEM_IMAGE"
+
+# create AVD if it doesn't exist
+if "$ANDROID_HOME"/cmdline-tools/latest/bin/avdmanager list avd | grep -q "$EMULATOR_NAME"; then
+  echo "AVD already exists. Skipping creation."
+else
+  echo "Creating AVD..."
+  echo 'no' | "$ANDROID_HOME"/cmdline-tools/latest/bin/avdmanager create avd -n "$EMULATOR_NAME" -k "$SYSTEM_IMAGE"
+  sleep 1
+fi
+
+EMULATOR_DEVICE_NAME=$("$ANDROID_HOME"/platform-tools/adb devices | grep emulator | cut -f1)
+
+if [ -z "$EMULATOR_DEVICE_NAME" ]; then
+    "$SCRIPT_DIR"/start_emulator.sh "$EMULATOR_NAME"
+fi
+
+# wait for emulator device to appear with 180 second timeout
+echo "Waiting for emulator device..."
+
+for i in {1..180}; do
+  if [ -z "$EMULATOR_DEVICE_NAME" ]; then
+    sleep 1
+    EMULATOR_DEVICE_NAME=$("$ANDROID_HOME"/platform-tools/adb devices | grep emulator | cut -f1)
+  else
+    break
+  fi
+done
+
+if [ -z "$EMULATOR_DEVICE_NAME" ]; then
+  echo "Emulator device name not found"
+  exit 1
+fi
+
+ADB="$ANDROID_HOME/platform-tools/adb -s $EMULATOR_DEVICE_NAME"
+
+echo "Waiting for emulator to boot..."
+$ADB wait-for-device shell 'while [[ -z $(getprop sys.boot_completed) ]]; do sleep 1; done;'
+
+echo "Provisioning emulator for write access to '/system'..."
+$ADB root
+sleep 3      # wait for adb to restart
+$ADB remount # remount /system as writable
+
+echo "Rebooting emulator..."
+$ADB reboot # need to reboot first time we remount
+$ADB wait-for-device shell 'while [[ -z $(getprop sys.boot_completed) ]]; do sleep 1; done;'
+
+echo "Provisioning emulator for Seedvault..."
+"$SCRIPT_DIR"/install_app.sh
+
+echo "Rebooting emulator..."
+$ADB reboot
+$ADB wait-for-device shell 'while [[ -z $(getprop sys.boot_completed) ]]; do sleep 1; done;'
+
+echo "Disabling backup..."
+$ADB shell bmgr enable false
+
+echo "Downloading and extracting test backup to '/sdcard/seedvault_baseline'..."
+
+if [ ! -f backup.tar.gz ]; then
+  echo "Downloading test backup..."
+  wget --quiet https://github.com/seedvault-app/seedvault-test-data/releases/download/3/backup.tar.gz
+fi
+
+$ADB root
+sleep 3      # wait for adb to restart
+$ADB push backup.tar.gz /sdcard
+rm backup.tar.gz
+
+$ADB wait-for-device
+$ADB shell mkdir -p /sdcard/seedvault_baseline
+$ADB shell tar xzf /sdcard/backup.tar.gz --directory=/sdcard/seedvault_baseline
+$ADB shell rm /sdcard/backup.tar.gz
+
+# sometimes a system dialog (e.g. launcher stopped) is showing and taking focus
+$ADB shell am broadcast -a android.intent.action.CLOSE_SYSTEM_DIALOGS
+
+echo "Emulator '$EMULATOR_NAME' has been provisioned with Seedvault!"

app/development/scripts/start_emulator.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+#
+# SPDX-FileCopyrightText: 2023 The Calyx Institute
+# SPDX-License-Identifier: Apache-2.0
+#
+
+# assert ANDROID_HOME is set
+if [ -z "$ANDROID_HOME" ]; then
+  echo "ANDROID_HOME is not set"
+  exit 1
+fi
+
+# assert 1 parameter is provided
+if [ $# -ne 1 ]; then
+  echo "Usage: $0 <emulator_name>"
+  exit 1
+fi
+
+EMULATOR_NAME=$1
+
+echo "Starting emulator..."
+nohup $ANDROID_HOME/emulator/emulator -avd "$EMULATOR_NAME" -gpu swiftshader_indirect -writable-system >/dev/null 2>&1 &

app/lint.xml

@@ -1,4 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
+<!--
+  SPDX-FileCopyrightText: 2020 The Calyx Institute
+  SPDX-License-Identifier: Apache-2.0
+  -->
 <lint>
     <issue id="MissingTranslation" severity="ignore" />
+    <issue id="ExtraTranslation" severity="ignore" />
 </lint>

app/src/androidTest/AndroidManifest.xml

@@ -1,6 +1,8 @@
 <?xml version="1.0" encoding="utf-8"?>
-<manifest xmlns:android="http://schemas.android.com/apk/res/android"
-    package="com.stevesoltys.seedvault">
-
+<!--
+  SPDX-FileCopyrightText: 2020 The Calyx Institute
+  SPDX-License-Identifier: Apache-2.0
+  -->
+<manifest xmlns:android="http://schemas.android.com/apk/res/android">
     <application android:extractNativeLibs="true" />
 </manifest>

app/src/androidTest/java/com/stevesoltys/seedvault/CipherUniqueNonceTest.kt

@@ -1,33 +0,0 @@
-package com.stevesoltys.seedvault
-
-import android.util.Log
-import androidx.test.ext.junit.runners.AndroidJUnit4
-import androidx.test.filters.LargeTest
-import com.stevesoltys.seedvault.crypto.CipherFactoryImpl
-import com.stevesoltys.seedvault.crypto.KeyManagerTestImpl
-import org.junit.Assert.assertTrue
-import org.junit.Test
-import org.junit.runner.RunWith
-
-private val TAG = CipherUniqueNonceTest::class.java.simpleName
-private const val ITERATIONS = 1_000_000
-
-@LargeTest
-@RunWith(AndroidJUnit4::class)
-class CipherUniqueNonceTest {
-
-    private val keyManager = KeyManagerTestImpl()
-    private val cipherFactory = CipherFactoryImpl(keyManager)
-
-    private val nonceSet = HashSet<ByteArray>()
-
-    @Test
-    fun testUniqueNonce() {
-        for (i in 1..ITERATIONS) {
-            val iv = cipherFactory.createEncryptionCipher().iv
-            Log.w(TAG, "$i: ${iv.toHexString()}")
-            assertTrue(nonceSet.add(iv))
-        }
-    }
-
-}

app/src/androidTest/java/com/stevesoltys/seedvault/KoinInstrumentationTestApp.kt

@@ -0,0 +1,83 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault
+
+import com.stevesoltys.seedvault.restore.RestoreViewModel
+import com.stevesoltys.seedvault.settings.SettingsManager
+import com.stevesoltys.seedvault.transport.backup.FullBackup
+import com.stevesoltys.seedvault.transport.backup.InputFactory
+import com.stevesoltys.seedvault.transport.backup.KVBackup
+import com.stevesoltys.seedvault.transport.backup.PackageService
+import com.stevesoltys.seedvault.transport.restore.FullRestore
+import com.stevesoltys.seedvault.transport.restore.KVRestore
+import com.stevesoltys.seedvault.transport.restore.OutputFactory
+import com.stevesoltys.seedvault.ui.notification.BackupNotificationManager
+import com.stevesoltys.seedvault.ui.storage.BackupStorageViewModel
+import com.stevesoltys.seedvault.ui.storage.RestoreStorageViewModel
+import io.mockk.spyk
+import org.koin.androidx.viewmodel.dsl.viewModel
+import org.koin.core.module.Module
+import org.koin.dsl.module
+
+internal var currentRestoreViewModel: RestoreViewModel? = null
+internal var currentBackupStorageViewModel: BackupStorageViewModel? = null
+internal var currentRestoreStorageViewModel: RestoreStorageViewModel? = null
+
+class KoinInstrumentationTestApp : App() {
+
+    override fun appModules(): List<Module> {
+        val testModule = module {
+            val context = this@KoinInstrumentationTestApp
+
+            single { spyk(PackageService(context, get(), get())) }
+            single { spyk(SettingsManager(context)) }
+
+            single { spyk(BackupNotificationManager(context)) }
+            single { spyk(FullBackup(get(), get(), get(), get())) }
+            single { spyk(KVBackup(get(), get(), get())) }
+            single { spyk(InputFactory()) }
+
+            single { spyk(FullRestore(get(), get(), get(), get(), get(), get())) }
+            single { spyk(KVRestore(get(), get(), get(), get(), get(), get(), get())) }
+            single { spyk(OutputFactory()) }
+
+            viewModel {
+                currentRestoreViewModel =
+                    spyk(
+                        RestoreViewModel(
+                            app = context,
+                            settingsManager = get(),
+                            keyManager = get(),
+                            backupManager = get(),
+                            restoreCoordinator = get(),
+                            appBackupManager = get(),
+                            apkRestore = get(),
+                            iconManager = get(),
+                            storageBackup = get(),
+                            backendManager = get(),
+                            fileSelectionManager = get(),
+                        )
+                    )
+                currentRestoreViewModel!!
+            }
+
+            viewModel {
+                val viewModel =
+                    BackupStorageViewModel(context, get(), get(), get(), get(), get(), get(), get())
+                currentBackupStorageViewModel = spyk(viewModel)
+                currentBackupStorageViewModel!!
+            }
+
+            viewModel {
+                currentRestoreStorageViewModel =
+                    spyk(RestoreStorageViewModel(context, get(), get(), get(), get()))
+                currentRestoreStorageViewModel!!
+            }
+        }
+
+        return super.appModules().plus(testModule)
+    }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/KoinInstrumentationTestRunner.kt

@@ -0,0 +1,25 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault
+
+import android.app.Application
+import android.content.Context
+import androidx.test.runner.AndroidJUnitRunner
+
+class KoinInstrumentationTestRunner : AndroidJUnitRunner() {
+
+    override fun newApplication(
+        classLoader: ClassLoader?,
+        className: String?,
+        context: Context?,
+    ): Application {
+        return super.newApplication(
+            classLoader,
+            KoinInstrumentationTestApp::class.java.name,
+            context
+        )
+    }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/PluginTest.kt

@@ -1,87 +1,84 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault
 
 import androidx.test.core.content.pm.PackageInfoBuilder
 import androidx.test.ext.junit.runners.AndroidJUnit4
+import androidx.test.filters.MediumTest
 import androidx.test.platform.app.InstrumentationRegistry
-import com.stevesoltys.seedvault.plugins.saf.DocumentsProviderBackupPlugin
-import com.stevesoltys.seedvault.plugins.saf.DocumentsProviderFullBackup
-import com.stevesoltys.seedvault.plugins.saf.DocumentsProviderFullRestorePlugin
-import com.stevesoltys.seedvault.plugins.saf.DocumentsProviderKVBackup
-import com.stevesoltys.seedvault.plugins.saf.DocumentsProviderKVRestorePlugin
-import com.stevesoltys.seedvault.plugins.saf.DocumentsProviderRestorePlugin
-import com.stevesoltys.seedvault.plugins.saf.DocumentsStorage
-import com.stevesoltys.seedvault.plugins.saf.MAX_KEY_LENGTH
-import com.stevesoltys.seedvault.plugins.saf.MAX_KEY_LENGTH_NEXTCLOUD
-import com.stevesoltys.seedvault.plugins.saf.deleteContents
+import com.stevesoltys.seedvault.backend.LegacyStoragePlugin
+import com.stevesoltys.seedvault.backend.saf.DocumentsProviderLegacyPlugin
+import com.stevesoltys.seedvault.backend.saf.DocumentsStorage
 import com.stevesoltys.seedvault.settings.SettingsManager
-import com.stevesoltys.seedvault.transport.backup.BackupPlugin
-import com.stevesoltys.seedvault.transport.backup.FullBackupPlugin
-import com.stevesoltys.seedvault.transport.backup.KVBackupPlugin
-import com.stevesoltys.seedvault.transport.restore.FullRestorePlugin
-import com.stevesoltys.seedvault.transport.restore.KVRestorePlugin
-import com.stevesoltys.seedvault.transport.restore.RestorePlugin
 import io.mockk.every
 import io.mockk.mockk
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.runBlocking
+import org.calyxos.seedvault.core.backends.LegacyAppBackupFile
+import org.calyxos.seedvault.core.backends.saf.SafBackend
 import org.junit.After
 import org.junit.Assert.assertEquals
-import org.junit.Assert.assertFalse
 import org.junit.Assert.assertNotNull
 import org.junit.Assert.assertTrue
 import org.junit.Before
 import org.junit.Test
 import org.junit.runner.RunWith
-import org.koin.core.KoinComponent
-import org.koin.core.inject
-import java.io.IOException
-import kotlin.random.Random
+import org.koin.core.component.KoinComponent
+import org.koin.core.component.inject
 
 @RunWith(AndroidJUnit4::class)
-@Suppress("BlockingMethodInNonBlockingContext")
+@MediumTest
 class PluginTest : KoinComponent {
 
     private val context = InstrumentationRegistry.getInstrumentation().targetContext
     private val settingsManager: SettingsManager by inject()
     private val mockedSettingsManager: SettingsManager = mockk()
-    private val storage = DocumentsStorage(context, mockedSettingsManager)
-
-    private val kvBackupPlugin: KVBackupPlugin = DocumentsProviderKVBackup(context, storage)
-    private val fullBackupPlugin: FullBackupPlugin = DocumentsProviderFullBackup(context, storage)
-    private val backupPlugin: BackupPlugin = DocumentsProviderBackupPlugin(
-        context,
-        storage,
-        kvBackupPlugin,
-        fullBackupPlugin
+    private val storage = DocumentsStorage(
+        appContext = context,
+        safStorage = settingsManager.getSafProperties() ?: error("No SAF storage"),
     )
 
-    private val kvRestorePlugin: KVRestorePlugin =
-        DocumentsProviderKVRestorePlugin(context, storage)
-    private val fullRestorePlugin: FullRestorePlugin =
-        DocumentsProviderFullRestorePlugin(context, storage)
-    private val restorePlugin: RestorePlugin =
-        DocumentsProviderRestorePlugin(context, storage, kvRestorePlugin, fullRestorePlugin)
+    private val backend = SafBackend(context, storage.safStorage)
 
-    private val token = Random.nextLong()
+    @Suppress("Deprecation")
+    private val legacyStoragePlugin: LegacyStoragePlugin = DocumentsProviderLegacyPlugin(context) {
+        storage
+    }
+
+    private val token = System.currentTimeMillis() - 365L * 24L * 60L * 60L * 1000L
     private val packageInfo = PackageInfoBuilder.newBuilder().setPackageName("org.example").build()
     private val packageInfo2 = PackageInfoBuilder.newBuilder().setPackageName("net.example").build()
 
     @Before
     fun setup() = runBlocking {
-        every { mockedSettingsManager.getStorage() } returns settingsManager.getStorage()
-        storage.rootBackupDir?.deleteContents(context)
-            ?: error("Select a storage location in the app first!")
+        every {
+            mockedSettingsManager.getSafProperties()
+        } returns settingsManager.getSafProperties()
+        backend.removeAll()
     }
 
     @After
     fun tearDown() = runBlocking {
-        storage.rootBackupDir?.deleteContents(context)
-        Unit
+        backend.removeAll()
     }
 
     @Test
     fun testProviderPackageName() {
-        assertNotNull(backupPlugin.providerPackageName)
+        assertNotNull(backend.providerPackageName)
+    }
+
+    @Test
+    fun testTest() = runBlocking(Dispatchers.IO) {
+        assertTrue(backend.test())
+    }
+
+    @Test
+    fun testGetFreeSpace() = runBlocking(Dispatchers.IO) {
+        val freeBytes = backend.getFreeSpace() ?: error("no free space retrieved")
+        assertTrue(freeBytes > 0)
     }
 
     /**
@@ -94,260 +91,116 @@ class PluginTest : KoinComponent {
     @Test
     fun testInitializationAndRestoreSets() = runBlocking(Dispatchers.IO) {
         // no backups available initially
-        assertEquals(0, restorePlugin.getAvailableBackups()?.toList()?.size)
-        val uri = settingsManager.getStorage()?.getDocumentFile(context)?.uri ?: error("no storage")
-        assertFalse(restorePlugin.hasBackup(uri))
+        assertEquals(0, backend.getAvailableBackupFileHandles().toList().size)
 
         // prepare returned tokens requested when initializing device
-        every { mockedSettingsManager.getToken() } returnsMany listOf(token, token + 1, token + 1)
-
-        // start new restore set and initialize device afterwards
-        backupPlugin.startNewRestoreSet(token)
-        backupPlugin.initializeDevice()
+        every { mockedSettingsManager.token } returnsMany listOf(token, token + 1, token + 1)
 
         // write metadata (needed for backup to be recognized)
-        backupPlugin.getMetadataOutputStream().writeAndClose(getRandomByteArray())
+        backend.save(LegacyAppBackupFile.Metadata(token))
+            .writeAndClose(getRandomByteArray())
 
         // one backup available now
-        assertEquals(1, restorePlugin.getAvailableBackups()?.toList()?.size)
-        assertTrue(restorePlugin.hasBackup(uri))
+        assertEquals(1, backend.getAvailableBackupFileHandles().toList().size)
 
         // initializing again (with another restore set) does add a restore set
-        backupPlugin.startNewRestoreSet(token + 1)
-        backupPlugin.initializeDevice()
-        backupPlugin.getMetadataOutputStream().writeAndClose(getRandomByteArray())
-        assertEquals(2, restorePlugin.getAvailableBackups()?.toList()?.size)
-        assertTrue(restorePlugin.hasBackup(uri))
+        backend.save(LegacyAppBackupFile.Metadata(token + 1))
+            .writeAndClose(getRandomByteArray())
+        assertEquals(2, backend.getAvailableBackupFileHandles().toList().size)
 
         // initializing again (without new restore set) doesn't change number of restore sets
-        backupPlugin.initializeDevice()
-        backupPlugin.getMetadataOutputStream().writeAndClose(getRandomByteArray())
-        assertEquals(2, restorePlugin.getAvailableBackups()?.toList()?.size)
-
-        // ensure that the new backup dirs exist
-        assertTrue(storage.currentKvBackupDir!!.exists())
-        assertTrue(storage.currentFullBackupDir!!.exists())
+        backend.save(LegacyAppBackupFile.Metadata(token + 1))
+            .writeAndClose(getRandomByteArray())
+        assertEquals(2, backend.getAvailableBackupFileHandles().toList().size)
     }
 
     @Test
     fun testMetadataWriteRead() = runBlocking(Dispatchers.IO) {
-        every { mockedSettingsManager.getToken() } returns token
-
-        backupPlugin.startNewRestoreSet(token)
-        backupPlugin.initializeDevice()
+        every { mockedSettingsManager.token } returns token
 
         // write metadata
         val metadata = getRandomByteArray()
-        backupPlugin.getMetadataOutputStream().writeAndClose(metadata)
+        backend.save(LegacyAppBackupFile.Metadata(token)).writeAndClose(metadata)
 
         // get available backups, expect only one with our token and no error
-        var availableBackups = restorePlugin.getAvailableBackups()?.toList()
-        check(availableBackups != null)
+        var availableBackups = backend.getAvailableBackupFileHandles().toList()
         assertEquals(1, availableBackups.size)
-        assertEquals(token, availableBackups[0].token)
-        assertFalse(availableBackups[0].error)
+        var backupHandle = availableBackups[0] as LegacyAppBackupFile.Metadata
+        assertEquals(token, backupHandle.token)
 
         // read metadata matches what was written earlier
-        assertReadEquals(metadata, availableBackups[0].inputStream)
+        assertReadEquals(metadata, backend.load(backupHandle))
 
         // initializing again (without changing storage) keeps restore set with same token
-        backupPlugin.initializeDevice()
-        backupPlugin.getMetadataOutputStream().writeAndClose(metadata)
-        availableBackups = restorePlugin.getAvailableBackups()?.toList()
-        check(availableBackups != null)
+        backend.save(LegacyAppBackupFile.Metadata(token)).writeAndClose(metadata)
+        availableBackups = backend.getAvailableBackupFileHandles().toList()
         assertEquals(1, availableBackups.size)
-        assertEquals(token, availableBackups[0].token)
-        assertFalse(availableBackups[0].error)
+        backupHandle = availableBackups[0] as LegacyAppBackupFile.Metadata
+        assertEquals(token, backupHandle.token)
 
         // metadata hasn't changed
-        assertReadEquals(metadata, availableBackups[0].inputStream)
+        assertReadEquals(metadata, backend.load(backupHandle))
     }
 
     @Test
-    fun testApkWriteRead() = runBlocking {
+    fun v0testApkWriteRead() = runBlocking {
         // initialize storage with given token
         initStorage(token)
 
         // write random bytes as APK
         val apk1 = getRandomByteArray(1337 * 1024)
-        backupPlugin.getApkOutputStream(packageInfo, "").writeAndClose(apk1)
+        backend.save(LegacyAppBackupFile.Blob(token, "${packageInfo.packageName}.apk"))
+            .writeAndClose(apk1)
 
         // assert that read APK bytes match what was written
-        assertReadEquals(apk1, restorePlugin.getApkInputStream(token, packageInfo.packageName, ""))
+        assertReadEquals(
+            apk1,
+            legacyStoragePlugin.getApkInputStream(token, packageInfo.packageName, "")
+        )
 
         // write random bytes as another APK
         val suffix2 = getRandomBase64(23)
         val apk2 = getRandomByteArray(23 * 1024 * 1024)
-        backupPlugin.getApkOutputStream(packageInfo2, suffix2).writeAndClose(apk2)
+
+        backend.save(LegacyAppBackupFile.Blob(token, "${packageInfo2.packageName}$suffix2.apk"))
+            .writeAndClose(apk2)
 
         // assert that read APK bytes match what was written
         assertReadEquals(
             apk2,
-            restorePlugin.getApkInputStream(token, packageInfo2.packageName, suffix2)
+            legacyStoragePlugin.getApkInputStream(token, packageInfo2.packageName, suffix2)
         )
     }
 
     @Test
-    fun testKvBackupRestore() = runBlocking {
-        // define shortcuts
-        val kvBackup = backupPlugin.kvBackupPlugin
-        val kvRestore = restorePlugin.kvRestorePlugin
-
+    fun testBackupRestore() = runBlocking {
         // initialize storage with given token
         initStorage(token)
 
-        // no data available for given package
-        assertFalse(kvBackup.hasDataForPackage(packageInfo))
-        assertFalse(kvRestore.hasDataForPackage(token, packageInfo))
-
-        // define key/value pair records
-        val record1 = Pair(getRandomBase64(23), getRandomByteArray(1337))
-        val record2 = Pair(getRandomBase64(42), getRandomByteArray(42 * 1024))
-        val record3 = Pair(getRandomBase64(128), getRandomByteArray(5 * 1024 * 1024))
-
-        // write first record
-        kvBackup.getOutputStreamForRecord(packageInfo, record1.first).writeAndClose(record1.second)
-
-        // data is now available for current token and given package, but not for different token
-        assertTrue(kvBackup.hasDataForPackage(packageInfo))
-        assertTrue(kvRestore.hasDataForPackage(token, packageInfo))
-        assertFalse(kvRestore.hasDataForPackage(token + 1, packageInfo))
-
-        // record for package is found and returned properly
-        var records = kvRestore.listRecords(token, packageInfo)
-        assertEquals(1, records.size)
-        assertEquals(record1.first, records[0])
-        assertReadEquals(
-            record1.second,
-            kvRestore.getInputStreamForRecord(token, packageInfo, record1.first)
-        )
-
-        // write second and third record
-        kvBackup.getOutputStreamForRecord(packageInfo, record2.first).writeAndClose(record2.second)
-        kvBackup.getOutputStreamForRecord(packageInfo, record3.first).writeAndClose(record3.second)
-
-        // all records for package are found and returned properly
-        assertTrue(kvRestore.hasDataForPackage(token, packageInfo))
-        records = kvRestore.listRecords(token, packageInfo)
-        assertEquals(listOf(record1.first, record2.first, record3.first).sorted(), records.sorted())
-        assertReadEquals(
-            record1.second,
-            kvRestore.getInputStreamForRecord(token, packageInfo, record1.first)
-        )
-        assertReadEquals(
-            record2.second,
-            kvRestore.getInputStreamForRecord(token, packageInfo, record2.first)
-        )
-        assertReadEquals(
-            record3.second,
-            kvRestore.getInputStreamForRecord(token, packageInfo, record3.first)
-        )
-
-        // delete record3 and ensure that the other two are still found
-        kvBackup.deleteRecord(packageInfo, record3.first)
-        assertTrue(kvRestore.hasDataForPackage(token, packageInfo))
-        records = kvRestore.listRecords(token, packageInfo)
-        assertEquals(listOf(record1.first, record2.first).sorted(), records.sorted())
-
-        // remove all data of package and ensure that it is gone
-        kvBackup.removeDataOfPackage(packageInfo)
-        assertFalse(kvBackup.hasDataForPackage(packageInfo))
-        assertFalse(kvRestore.hasDataForPackage(token, packageInfo))
-    }
-
-    @Test
-    fun testMaxKvKeyLength() = runBlocking {
-        // define shortcuts
-        val kvBackup = backupPlugin.kvBackupPlugin
-        val kvRestore = restorePlugin.kvRestorePlugin
-
-        // initialize storage with given token
-        initStorage(token)
-        assertFalse(kvBackup.hasDataForPackage(packageInfo))
-
-        // FIXME get Nextcloud to have the same limit
-        //  Since Nextcloud is using WebDAV and that seems to have undefined lower file name limits
-        //  we might have to lower our maximum to accommodate for that.
-        val max = if (isNextcloud()) MAX_KEY_LENGTH_NEXTCLOUD else MAX_KEY_LENGTH
-        val maxOver = if (isNextcloud()) max + 10 else max + 1
-
-        // define record with maximum key length and one above the maximum
-        val recordMax = Pair(getRandomBase64(max), getRandomByteArray(1024))
-        val recordOver = Pair(getRandomBase64(maxOver), getRandomByteArray(1024))
-
-        // write max record
-        kvBackup.getOutputStreamForRecord(packageInfo, recordMax.first)
-            .writeAndClose(recordMax.second)
-
-        // max record is found correctly
-        assertTrue(kvRestore.hasDataForPackage(token, packageInfo))
-        val records = kvRestore.listRecords(token, packageInfo)
-        assertEquals(listOf(recordMax.first), records)
-
-        // write exceeding key length record
-        if (isNextcloud()) {
-            // Nextcloud simply refuses to write long filenames
-            coAssertThrows(IOException::class.java) {
-                kvBackup.getOutputStreamForRecord(packageInfo, recordOver.first)
-                    .writeAndClose(recordOver.second)
-            }
-        } else {
-            coAssertThrows(IllegalStateException::class.java) {
-                kvBackup.getOutputStreamForRecord(packageInfo, recordOver.first)
-                    .writeAndClose(recordOver.second)
-            }
-        }
-    }
-
-    @Test
-    fun testFullBackupRestore() = runBlocking {
-        // define shortcuts
-        val fullBackup = backupPlugin.fullBackupPlugin
-        val fullRestore = restorePlugin.fullRestorePlugin
-
-        // initialize storage with given token
-        initStorage(token)
-
-        // no data available initially
-        assertFalse(fullRestore.hasDataForPackage(token, packageInfo))
-        assertFalse(fullRestore.hasDataForPackage(token, packageInfo2))
+        val name1 = getRandomBase64()
+        val name2 = getRandomBase64()
 
         // write full backup data
         val data = getRandomByteArray(5 * 1024 * 1024)
-        fullBackup.getOutputStream(packageInfo).writeAndClose(data)
-
-        // data is available now, but only this token
-        assertTrue(fullRestore.hasDataForPackage(token, packageInfo))
-        assertFalse(fullRestore.hasDataForPackage(token + 1, packageInfo))
+        backend.save(LegacyAppBackupFile.Blob(token, name1)).writeAndClose(data)
 
         // restore data matches backed up data
-        assertReadEquals(data, fullRestore.getInputStreamForPackage(token, packageInfo))
+        assertReadEquals(data, backend.load(LegacyAppBackupFile.Blob(token, name1)))
 
         // write and check data for second package
         val data2 = getRandomByteArray(5 * 1024 * 1024)
-        fullBackup.getOutputStream(packageInfo2).writeAndClose(data2)
-        assertTrue(fullRestore.hasDataForPackage(token, packageInfo2))
-        assertReadEquals(data2, fullRestore.getInputStreamForPackage(token, packageInfo2))
+        backend.save(LegacyAppBackupFile.Blob(token, name2)).writeAndClose(data2)
+        assertReadEquals(data2, backend.load(LegacyAppBackupFile.Blob(token, name2)))
 
         // remove data of first package again and ensure that no more data is found
-        fullBackup.removeDataOfPackage(packageInfo)
-        assertFalse(fullRestore.hasDataForPackage(token, packageInfo))
-
-        // second package is still there
-        assertTrue(fullRestore.hasDataForPackage(token, packageInfo2))
+        backend.remove(LegacyAppBackupFile.Blob(token, name1))
 
         // ensure that it gets deleted as well
-        fullBackup.removeDataOfPackage(packageInfo2)
-        assertFalse(fullRestore.hasDataForPackage(token, packageInfo2))
+        backend.remove(LegacyAppBackupFile.Blob(token, name2))
     }
 
     private fun initStorage(token: Long) = runBlocking {
-        every { mockedSettingsManager.getToken() } returns token
-        backupPlugin.initializeDevice()
-    }
-
-    private fun isNextcloud(): Boolean {
-        return backupPlugin.providerPackageName?.startsWith("com.nextcloud") ?: false
+        every { mockedSettingsManager.token } returns token
     }
 
 }

app/src/androidTest/java/com/stevesoltys/seedvault/backend/saf/SafBackendTest.kt

@@ -0,0 +1,44 @@
+/*
+ * SPDX-FileCopyrightText: 2024 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.backend.saf
+
+import androidx.test.ext.junit.runners.AndroidJUnit4
+import androidx.test.filters.MediumTest
+import androidx.test.platform.app.InstrumentationRegistry
+import com.stevesoltys.seedvault.settings.SettingsManager
+import kotlinx.coroutines.runBlocking
+import org.calyxos.seedvault.core.backends.Backend
+import org.calyxos.seedvault.core.backends.BackendTest
+import org.calyxos.seedvault.core.backends.saf.SafBackend
+import org.junit.Test
+import org.junit.runner.RunWith
+import org.koin.core.component.KoinComponent
+import org.koin.core.component.inject
+
+@RunWith(AndroidJUnit4::class)
+@MediumTest
+class SafBackendTest : BackendTest(), KoinComponent {
+
+    private val context = InstrumentationRegistry.getInstrumentation().targetContext
+    private val settingsManager by inject<SettingsManager>()
+    private val safProperties = settingsManager.getSafProperties() ?: error("No SAF storage")
+    override val backend: Backend = SafBackend(context, safProperties, ".SeedvaultTest")
+
+    @Test
+    fun `test write list read rename delete`(): Unit = runBlocking {
+        testWriteListReadRenameDelete()
+    }
+
+    @Test
+    fun `test remove create write file`(): Unit = runBlocking {
+        testRemoveCreateWriteFile()
+    }
+
+    @Test
+    fun `test free space and create app blob without root folder`(): Unit = runBlocking {
+        testTestFreeSpaceAndCreateBlob()
+    }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/LargeBackupTestBase.kt

@@ -0,0 +1,209 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e
+
+import android.content.pm.PackageInfo
+import android.os.ParcelFileDescriptor
+import androidx.test.uiautomator.Until
+import com.stevesoltys.seedvault.e2e.io.BackupDataInputIntercept
+import com.stevesoltys.seedvault.e2e.screen.impl.BackupScreen
+import com.stevesoltys.seedvault.transport.backup.FullBackup
+import com.stevesoltys.seedvault.transport.backup.InputFactory
+import com.stevesoltys.seedvault.transport.backup.KVBackup
+import com.stevesoltys.seedvault.ui.notification.BackupNotificationManager
+import io.mockk.clearMocks
+import io.mockk.coEvery
+import io.mockk.every
+import kotlinx.coroutines.delay
+import kotlinx.coroutines.runBlocking
+import kotlinx.coroutines.withTimeout
+import org.calyxos.seedvault.core.toHexString
+import org.koin.core.component.get
+import java.security.DigestInputStream
+import java.security.MessageDigest
+import java.util.concurrent.atomic.AtomicBoolean
+import kotlin.test.fail
+
+internal interface LargeBackupTestBase : LargeTestBase {
+
+    companion object {
+        private const val BACKUP_TIMEOUT = 360 * 1000L
+    }
+
+    val spyBackupNotificationManager: BackupNotificationManager get() = get()
+
+    val spyFullBackup: FullBackup get() = get()
+
+    val spyKVBackup: KVBackup get() = get()
+
+    val spyInputFactory: InputFactory get() = get()
+
+    fun launchBackupActivity() {
+        runCommand("am start -n ${targetContext.packageName}/.settings.SettingsActivity")
+        waitUntilIdle()
+    }
+
+    fun startBackup() {
+        BackupScreen {
+
+            if (!backupManager.isBackupEnabled) {
+                backupSwitch.click()
+                waitUntilIdle()
+
+                BackupScreen {
+                    device.wait(Until.hasObject(initializingText), 10000)
+                    device.wait(Until.gone(initializingText), 120000)
+                }
+            }
+
+            backupMenu.clickAndWaitForNewWindow()
+            waitUntilIdle()
+
+            backupNowButton.clickAndWaitForNewWindow()
+            waitUntilIdle()
+
+            backupStatusButton.clickAndWaitForNewWindow()
+            waitUntilIdle()
+        }
+    }
+
+    fun performBackup(): SeedvaultLargeTestResult {
+
+        val backupResult = SeedvaultLargeTestResult(
+            full = mutableMapOf(),
+            kv = mutableMapOf(),
+            userApps = packageService.userApps,
+        )
+
+        val completed = spyOnBackup(backupResult)
+        startBackup()
+        waitForBackupResult(completed)
+
+        return backupResult.copy(
+            backupResults = backupResult.allUserApps().associate {
+                it.packageName to spyMetadataManager.getPackageMetadata(it.packageName)
+            }.toMutableMap()
+        )
+    }
+
+    private fun waitForBackupResult(completed: AtomicBoolean) {
+        runBlocking {
+            withTimeout(BACKUP_TIMEOUT) {
+                while (!completed.get()) {
+                    delay(100)
+                }
+            }
+        }
+    }
+
+    private fun spyOnBackup(backupResult: SeedvaultLargeTestResult): AtomicBoolean {
+        clearMocks(spyInputFactory, spyKVBackup, spyFullBackup)
+        spyOnFullBackupData(backupResult)
+        spyOnKVBackupData(backupResult)
+
+        return spyOnBackupCompletion()
+    }
+
+    private fun spyOnKVBackupData(backupResult: SeedvaultLargeTestResult) {
+        var packageName: String? = null
+        var data = mutableMapOf<String, ByteArray>()
+
+        coEvery {
+            spyKVBackup.performBackup(any(), any(), any())
+        } answers {
+            packageName = firstArg<PackageInfo>().packageName
+            callOriginal()
+        }
+
+        every {
+            spyInputFactory.getBackupDataInput(any())
+        } answers {
+            val fd = firstArg<ParcelFileDescriptor>().fileDescriptor
+
+            BackupDataInputIntercept(fd) { key, value ->
+                data[key] = value
+            }
+        }
+
+        coEvery {
+            spyKVBackup.finishBackup()
+        } answers {
+            val oldMap = HashMap<String, String>()
+            // @pm@ and android can get backed up multiple times (if we need more than one request)
+            // so we need to keep the data it backed up before
+            if (backupResult.kv.containsKey(packageName)) {
+                backupResult.kv[packageName]?.forEach { (key, value) ->
+                    // if a key existing in new data, we use its value from new data, don't override
+                    if (!data.containsKey(key)) oldMap[key] = value
+                }
+            }
+            backupResult.kv[packageName!!] = data
+                .mapValues { entry -> entry.value.sha256() }
+                .toMutableMap()
+                .apply {
+                    putAll(oldMap)
+                }
+
+            packageName = null
+            data = mutableMapOf()
+            callOriginal()
+        }
+    }
+
+    private fun spyOnFullBackupData(backupResult: SeedvaultLargeTestResult) {
+        var packageName: String? = null
+        val messageDigest = MessageDigest.getInstance("SHA-256")
+        var digestInputStream: DigestInputStream? = null
+
+        coEvery {
+            spyFullBackup.performFullBackup(any(), any(), any())
+        } answers {
+            packageName = firstArg<PackageInfo>().packageName
+            callOriginal()
+        }
+
+        every {
+            spyInputFactory.getInputStream(any())
+        } answers {
+            digestInputStream = DigestInputStream(callOriginal(), messageDigest)
+            digestInputStream!!
+        }
+
+        coEvery {
+            spyFullBackup.finishBackup()
+        } answers {
+            val result = callOriginal()
+            val digest = digestInputStream?.messageDigest ?: fail("No digestInputStream")
+            backupResult.full[packageName!!] = digest.digest().toHexString()
+
+            packageName = null
+            digest.reset()
+            result
+        }
+    }
+
+    private fun spyOnBackupCompletion(): AtomicBoolean {
+        val completed = AtomicBoolean(false)
+
+        clearMocks(spyBackupNotificationManager)
+
+        every {
+            spyBackupNotificationManager.onBackupSuccess(any(), any(), any())
+        } answers {
+            callOriginal()
+            completed.set(true)
+        }
+        every {
+            spyBackupNotificationManager.onBackupError()
+        } answers {
+            callOriginal()
+            completed.set(true)
+            fail("Backup failed.")
+        }
+
+        return completed
+    }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/LargeRestoreTestBase.kt

@@ -0,0 +1,259 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e
+
+import android.content.pm.PackageInfo
+import android.os.ParcelFileDescriptor
+import com.stevesoltys.seedvault.e2e.io.BackupDataOutputIntercept
+import com.stevesoltys.seedvault.e2e.screen.impl.RecoveryCodeScreen
+import com.stevesoltys.seedvault.e2e.screen.impl.RestoreScreen
+import com.stevesoltys.seedvault.transport.restore.FullRestore
+import com.stevesoltys.seedvault.transport.restore.KVRestore
+import com.stevesoltys.seedvault.transport.restore.OutputFactory
+import io.mockk.Call
+import io.mockk.MockKAnswerScope
+import io.mockk.clearMocks
+import io.mockk.coEvery
+import io.mockk.every
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.delay
+import kotlinx.coroutines.runBlocking
+import kotlinx.coroutines.withContext
+import kotlinx.coroutines.withTimeout
+import org.calyxos.seedvault.core.toHexString
+import org.koin.core.component.get
+import java.security.DigestOutputStream
+import java.security.MessageDigest
+import kotlin.test.fail
+
+internal interface LargeRestoreTestBase : LargeTestBase {
+
+    companion object {
+        private const val RESTORE_TIMEOUT = 360 * 1000L
+    }
+
+    val spyFullRestore: FullRestore get() = get()
+
+    val spyKVRestore: KVRestore get() = get()
+
+    val spyOutputFactory: OutputFactory get() = get()
+
+    fun launchRestoreActivity() {
+        runCommand("am start -n ${targetContext.packageName}/.restore.RestoreActivity")
+        waitUntilIdle()
+    }
+
+    fun typeInRestoreCode(code: List<String>) {
+        assert(code.size == 12) { "Code must have 12 words." }
+
+        RecoveryCodeScreen {
+            waitUntilIdle()
+
+            code.forEachIndexed { index, word ->
+                wordTextField(index).text = word
+            }
+
+            waitUntilIdle()
+            verifyCodeButton.scrollTo().click()
+        }
+    }
+
+    fun performRestore(): SeedvaultLargeTestResult {
+
+        val result = SeedvaultLargeTestResult(
+            full = mutableMapOf(),
+            kv = mutableMapOf(),
+            userApps = emptyList(), // will update everything below this after restore
+        )
+
+        spyOnRestoreData(result)
+
+        RestoreScreen {
+            backupListItem.clickAndWaitForNewWindow()
+            waitUntilIdle()
+
+            waitForAppSelectionLoaded()
+            // just tap next in app selection
+            appsSelectedButton.clickAndWaitForNewWindow()
+
+            waitForInstallResult()
+
+            if (someAppsNotInstalledText.exists()) {
+                device.pressBack()
+            }
+
+            nextButton.clickAndWaitForNewWindow()
+
+            waitForRestoreDataResult()
+
+            if (someAppsNotRestoredText.exists()) {
+                device.pressBack()
+            }
+
+            finishButton.clickAndWaitForNewWindow()
+            skipButton.clickAndWaitForNewWindow()
+            waitUntilIdle()
+        }
+
+        return result.copy(
+            userApps = packageService.userApps,
+        )
+    }
+
+    private fun spyOnRestoreData(result: SeedvaultLargeTestResult) {
+        clearMocks(spyOutputFactory)
+
+        spyOnFullRestoreData(result)
+        spyOnKVRestoreData(result)
+    }
+
+    private fun waitForAppSelectionLoaded() = runBlocking {
+        withContext(Dispatchers.Main) {
+            withTimeout(RESTORE_TIMEOUT) {
+                while (spyRestoreViewModel.selectedApps.value?.apps?.isNotEmpty() != true) {
+                    delay(100)
+                }
+            }
+        }
+        waitUntilIdle()
+    }
+
+    private fun waitForInstallResult() = runBlocking {
+
+        withContext(Dispatchers.Main) {
+            withTimeout(RESTORE_TIMEOUT) {
+                while (spyRestoreViewModel.installResult.value?.isFinished != true) {
+                    delay(100)
+                }
+            }
+
+            val restoreResultValue = spyRestoreViewModel.installResult.value
+                ?: error("Restore APKs timed out")
+
+            // TODO: Fix this, with current test an app or two breaks on install with AOSP image.
+            // Just need to update the test data to work with the AOSP image.
+            // assert(!restoreResultValue.hasFailed) { "Failed to install packages" }
+        }
+
+        waitUntilIdle()
+    }
+
+    private fun waitForRestoreDataResult() = runBlocking {
+        withContext(Dispatchers.Main) {
+            withTimeout(RESTORE_TIMEOUT) {
+                while (spyRestoreViewModel.restoreBackupResult.value == null) {
+                    delay(100)
+                }
+            }
+
+            val restoreResultValue = spyRestoreViewModel.restoreBackupResult.value
+                ?: error("Restore app data timed out")
+
+            assert(!restoreResultValue.hasError()) {
+                "Restore failed: ${restoreResultValue.errorMsg}"
+            }
+
+            waitUntilIdle()
+        }
+    }
+
+    private fun spyOnKVRestoreData(restoreResult: SeedvaultLargeTestResult) {
+        var packageName: String? = null
+
+        clearMocks(spyKVRestore)
+
+        fun initializeStateBlock(
+            packageInfoIndex: Int
+        ): MockKAnswerScope<Unit, Unit>.(Call) -> Unit = {
+            packageName = arg<PackageInfo>(packageInfoIndex).packageName
+            restoreResult.kv[packageName!!] = mutableMapOf()
+            callOriginal()
+        }
+
+        coEvery {
+            spyKVRestore.initializeState(any(), any(), any(), any())
+        } answers initializeStateBlock(1)
+
+        coEvery {
+            spyKVRestore.initializeStateV1(any(), any(), any(), any())
+        } answers initializeStateBlock(2)
+
+        coEvery {
+            spyKVRestore.initializeStateV0(any(), any())
+        } answers initializeStateBlock(1)
+
+        every {
+            spyOutputFactory.getBackupDataOutput(any())
+        } answers {
+            val fd = firstArg<ParcelFileDescriptor>().fileDescriptor
+
+            BackupDataOutputIntercept(fd) { key, value ->
+                restoreResult.kv[packageName!!]!![key] = value.sha256()
+            }
+        }
+    }
+
+    private fun spyOnFullRestoreData(restoreResult: SeedvaultLargeTestResult) {
+        var packageName: String? = null
+        val messageDigest = MessageDigest.getInstance("SHA-256")
+        var digestOutputStream: DigestOutputStream? = null
+
+        clearMocks(spyFullRestore)
+
+        fun initializeStateBlock(
+            packageInfoIndex: Int
+        ): MockKAnswerScope<Unit, Unit>.(Call) -> Unit = {
+            packageName?.let {
+                // sometimes finishRestore() doesn't get called, so get data from last package here
+                digestOutputStream?.messageDigest?.let { digest ->
+                    restoreResult.full[packageName!!] = digest.digest().toHexString()
+                }
+            }
+
+            packageName = arg<PackageInfo>(packageInfoIndex).packageName
+
+            callOriginal()
+        }
+
+        coEvery {
+            spyFullRestore.initializeState(any(), any(), any())
+        } answers initializeStateBlock(1)
+
+        coEvery {
+            spyFullRestore.initializeStateV1(any(), any(), any())
+        } answers initializeStateBlock(2)
+
+        coEvery {
+            spyFullRestore.initializeStateV0(any(), any())
+        } answers initializeStateBlock(1)
+
+        every {
+            spyOutputFactory.getOutputStream(any())
+        } answers {
+            digestOutputStream = DigestOutputStream(callOriginal(), messageDigest)
+            digestOutputStream!!
+        }
+
+        every {
+            spyFullRestore.abortFullRestore()
+        } answers {
+            packageName = null
+            digestOutputStream?.messageDigest?.reset()
+            callOriginal()
+        }
+
+        every {
+            spyFullRestore.finishRestore()
+        } answers {
+            val digest = digestOutputStream?.messageDigest ?: fail("No digestOutputStream")
+            restoreResult.full[packageName!!] = digest.digest().toHexString()
+
+            packageName = null
+            digest.reset()
+            callOriginal()
+        }
+    }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/LargeTestBase.kt

@@ -0,0 +1,240 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e
+
+import android.app.UiAutomation
+import android.app.backup.IBackupManager
+import android.content.Context
+import android.content.pm.PackageInfo
+import android.content.pm.PackageManager.PERMISSION_GRANTED
+import android.os.Environment
+import androidx.annotation.WorkerThread
+import androidx.preference.PreferenceManager
+import androidx.test.platform.app.InstrumentationRegistry
+import androidx.test.uiautomator.UiDevice
+import androidx.test.uiautomator.Until
+import com.stevesoltys.seedvault.crypto.ANDROID_KEY_STORE
+import com.stevesoltys.seedvault.crypto.KEY_ALIAS_BACKUP
+import com.stevesoltys.seedvault.crypto.KEY_ALIAS_MAIN
+import com.stevesoltys.seedvault.crypto.KeyManager
+import com.stevesoltys.seedvault.currentRestoreStorageViewModel
+import com.stevesoltys.seedvault.currentRestoreViewModel
+import com.stevesoltys.seedvault.e2e.screen.impl.BackupScreen
+import com.stevesoltys.seedvault.e2e.screen.impl.DocumentPickerScreen
+import com.stevesoltys.seedvault.e2e.screen.impl.RecoveryCodeScreen
+import com.stevesoltys.seedvault.metadata.MetadataManager
+import com.stevesoltys.seedvault.permitDiskReads
+import com.stevesoltys.seedvault.restore.RestoreViewModel
+import com.stevesoltys.seedvault.settings.SettingsManager
+import com.stevesoltys.seedvault.transport.backup.PackageService
+import com.stevesoltys.seedvault.ui.storage.RestoreStorageViewModel
+import kotlinx.coroutines.DelicateCoroutinesApi
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.GlobalScope
+import kotlinx.coroutines.launch
+import org.koin.core.component.KoinComponent
+import org.koin.core.component.get
+import java.io.File
+import java.lang.Thread.sleep
+import java.security.KeyStore
+import java.security.MessageDigest
+import java.text.SimpleDateFormat
+import java.util.Calendar
+import java.util.concurrent.atomic.AtomicBoolean
+
+internal interface LargeTestBase : KoinComponent {
+
+    companion object {
+        private const val TEST_STORAGE_FOLDER = "seedvault_test"
+        private const val TEST_RESULT_FOLDER = "seedvault_test_results"
+    }
+
+    val externalStorageDir: String get() = Environment.getExternalStorageDirectory().absolutePath
+
+    val testStoragePath get() = "$externalStorageDir/$TEST_STORAGE_FOLDER"
+
+    val testResultPath get() = "$externalStorageDir/$TEST_RESULT_FOLDER"
+
+    val targetContext: Context
+        get() = InstrumentationRegistry.getInstrumentation().targetContext
+
+    val uiAutomation: UiAutomation
+        get() = InstrumentationRegistry.getInstrumentation().uiAutomation
+
+    val device: UiDevice
+        get() = UiDevice.getInstance(InstrumentationRegistry.getInstrumentation())
+
+    val packageService: PackageService get() = get()
+
+    val settingsManager: SettingsManager get() = get()
+
+    val keyManager: KeyManager get() = get()
+
+    val spyMetadataManager: MetadataManager get() = get()
+
+    val backupManager: IBackupManager get() = get()
+
+    val spyRestoreViewModel: RestoreViewModel
+        get() = currentRestoreViewModel ?: error("currentRestoreViewModel is null")
+
+    val spyRestoreStorageViewModel: RestoreStorageViewModel
+        get() = currentRestoreStorageViewModel ?: error("currentRestoreStorageViewModel is null")
+
+    fun resetApplicationState() {
+        backupManager.setAutoRestore(false)
+
+        val sharedPreferences = permitDiskReads {
+            PreferenceManager.getDefaultSharedPreferences(targetContext)
+        }
+        sharedPreferences.edit().clear().apply()
+
+        KeyStore.getInstance(ANDROID_KEY_STORE).apply {
+            load(null)
+        }.apply {
+            deleteEntry(KEY_ALIAS_MAIN)
+            deleteEntry(KEY_ALIAS_BACKUP)
+        }
+
+        clearDocumentPickerAppData()
+        device.executeShellCommand("rm -R $externalStorageDir/.SeedVaultAndroidBackup")
+    }
+
+    fun waitUntilIdle() {
+        device.waitForIdle()
+        sleep(3000)
+    }
+
+    fun runCommand(command: String) {
+        uiAutomation.executeShellCommand(command).close()
+    }
+
+    fun testResultFilename(testName: String): String {
+        val simpleDateFormat = SimpleDateFormat("yyyyMMdd_hhmmss")
+        val timeStamp = simpleDateFormat.format(Calendar.getInstance().time)
+        return "${timeStamp}_${testName.replace(" ", "_")}"
+    }
+
+    @OptIn(DelicateCoroutinesApi::class)
+    @WorkerThread
+    suspend fun startRecordingTest(
+        keepRecordingScreen: AtomicBoolean,
+        testName: String,
+    ) {
+        val folder = testResultPath
+        runCommand("mkdir -p $folder")
+
+        val fileName = testResultFilename(testName)
+
+        // screen record automatically stops after 3 minutes
+        // we need to block on a loop and split it into multiple files
+        GlobalScope.launch(Dispatchers.IO) {
+            var index = 0
+
+            while (keepRecordingScreen.get()) {
+                device.executeShellCommand("screenrecord $folder/$fileName-${index++}.mp4")
+            }
+        }
+    }
+
+    @WorkerThread
+    fun stopRecordingTest(
+        keepRecordingScreen: AtomicBoolean,
+        testName: String,
+    ) {
+        keepRecordingScreen.set(false)
+        runCommand("pkill -2 screenrecord")
+
+        // write logcat to file
+        val fileName = testResultFilename(testName)
+        runCommand("logcat -d -f $testResultPath/$fileName.log")
+    }
+
+    fun uninstallPackages(packages: Collection<PackageInfo>) {
+        packages.forEach { runCommand("pm uninstall ${it.packageName}") }
+    }
+
+    fun clearDocumentPickerAppData() {
+        runCommand("pm clear com.google.android.documentsui")
+    }
+
+    fun clearTestBackups() {
+        File(testStoragePath).deleteRecursively()
+        File(testResultPath).deleteRecursively()
+    }
+
+    fun changeBackupLocation(
+        folderName: String = TEST_STORAGE_FOLDER,
+        exists: Boolean = false,
+    ) {
+        BackupScreen {
+            clearDocumentPickerAppData()
+            backupLocationButton.clickAndWaitForNewWindow()
+
+            chooseStorageLocation(folderName, exists)
+        }
+    }
+
+    fun chooseStorageLocation(
+        folderName: String = TEST_STORAGE_FOLDER,
+        exists: Boolean = false,
+    ) {
+        val manageDocumentsPermission =
+            targetContext.checkSelfPermission("android.permission.MANAGE_DOCUMENTS")
+
+        if (manageDocumentsPermission != PERMISSION_GRANTED) {
+            DocumentPickerScreen {
+                if (exists) {
+                    existingFolder(folderName).scrollTo().clickAndWaitForNewWindow()
+
+                } else {
+                    createNewFolderButton.clickAndWaitForNewWindow()
+                    textBox.text = folderName
+                    okButton.clickAndWaitForNewWindow()
+                }
+
+                useThisFolderButton.clickAndWaitForNewWindow()
+                allowButton.clickAndWaitForNewWindow()
+            }
+        } else {
+            val extDir = externalStorageDir
+
+            device.executeShellCommand("rm -R $extDir/.SeedVaultAndroidBackup")
+            device.executeShellCommand(
+                "cp -R $extDir/$folderName/" +
+                    ".SeedVaultAndroidBackup $extDir"
+            )
+            device.executeShellCommand("cp -R $extDir/$folderName/recovery-code.txt $extDir")
+
+            BackupScreen {
+                internalStorageButton.clickAndWaitForNewWindow()
+
+                if (useAnywayButton.waitForExists(3000)) {
+                    useAnywayButton.clickAndWaitForNewWindow()
+                }
+            }
+        }
+
+        BackupScreen {
+            device.wait(Until.hasObject(initializingText), 10000)
+            device.wait(Until.gone(initializingText), 120000)
+        }
+    }
+
+    fun confirmCode() {
+        RecoveryCodeScreen {
+            startNewBackupButton.click()
+            confirmCodeButton.click()
+
+            verifyCodeButton.scrollTo().click()
+        }
+    }
+
+    fun ByteArray.sha256(): String {
+        val data = MessageDigest.getInstance("SHA-256").digest(this)
+
+        return data.joinToString("") { "%02x".format(it) }
+    }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/SeedvaultLargeTest.kt

@@ -0,0 +1,104 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e
+
+import android.content.pm.PackageManager
+import androidx.test.ext.junit.runners.AndroidJUnit4
+import kotlinx.coroutines.runBlocking
+import org.junit.After
+import org.junit.Before
+import org.junit.Rule
+import org.junit.rules.TestName
+import org.junit.runner.RunWith
+import org.koin.core.component.KoinComponent
+import java.io.File
+import java.lang.Thread.sleep
+import java.util.concurrent.atomic.AtomicBoolean
+
+@RunWith(AndroidJUnit4::class)
+internal abstract class SeedvaultLargeTest :
+    LargeBackupTestBase, LargeRestoreTestBase, KoinComponent {
+
+    @JvmField
+    @Rule
+    var name = TestName()
+
+    companion object {
+        private const val BASELINE_BACKUP_FOLDER = "seedvault_baseline"
+        private const val RECOVERY_CODE_FILE = "recovery-code.txt"
+    }
+
+    private val baselineBackupFolderPath get() = "$externalStorageDir/$BASELINE_BACKUP_FOLDER"
+
+    private val baselineBackupPath get() = "$baselineBackupFolderPath/.SeedVaultAndroidBackup"
+
+    private val baselineRecoveryCodePath = "$baselineBackupFolderPath/$RECOVERY_CODE_FILE"
+
+    private val keepRecordingScreen = AtomicBoolean(true)
+
+    @Before
+    open fun setUp() = runBlocking {
+        resetApplicationState()
+        clearTestBackups()
+
+        runCommand("bmgr enable true")
+        runCommand("bmgr transport com.stevesoltys.seedvault.transport.ConfigurableBackupTransport")
+        sleep(5000)
+
+        startRecordingTest(keepRecordingScreen, name.methodName)
+        restoreBaselineBackup()
+    }
+
+    @After
+    open fun tearDown() {
+        stopRecordingTest(keepRecordingScreen, name.methodName)
+    }
+
+    /**
+     * Restore the baseline backup, if it exists.
+     *
+     * This is a hand-crafted backup containing various apps and app data that we use for
+     * provisioning tests: https://github.com/seedvault-app/seedvault-test-data
+     */
+    private fun restoreBaselineBackup() {
+        val backupFile = File(baselineBackupPath)
+
+        val manageDocumentsPermission =
+            targetContext.checkSelfPermission("android.permission.MANAGE_DOCUMENTS")
+
+        if (manageDocumentsPermission == PackageManager.PERMISSION_GRANTED) {
+            val extDir = externalStorageDir
+
+            device.executeShellCommand("rm -R $extDir/.SeedVaultAndroidBackup")
+            device.executeShellCommand(
+                "cp -R $extDir/$BASELINE_BACKUP_FOLDER/" +
+                    ".SeedVaultAndroidBackup $extDir"
+            )
+            device.executeShellCommand(
+                "cp -R $extDir/$BASELINE_BACKUP_FOLDER/" +
+                    "recovery-code.txt $extDir"
+            )
+        }
+
+        if (backupFile.exists()) {
+            launchRestoreActivity()
+            chooseStorageLocation(folderName = BASELINE_BACKUP_FOLDER, exists = true)
+            typeInRestoreCode(baselineBackupRecoveryCode())
+            performRestore()
+
+            resetApplicationState()
+        }
+    }
+
+    private fun baselineBackupRecoveryCode(): List<String> {
+        val recoveryCodeFile = File(baselineRecoveryCodePath)
+
+        return recoveryCodeFile.readLines()
+            .filter { it.isNotBlank() }
+            .joinToString(separator = " ") { it.trim() }
+            .split(" ")
+    }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/SeedvaultLargeTestResult.kt

@@ -0,0 +1,29 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e
+
+import android.content.pm.PackageInfo
+import com.stevesoltys.seedvault.metadata.PackageMetadata
+import com.stevesoltys.seedvault.restore.AppRestoreResult
+
+/**
+ * Contains maps of (package name -> SHA-256 hashes) of application data.
+ *
+ * During backups and restores, we intercept the package data and store the result here.
+ * We can use this to validate that the restored app data actually matches the backed up data.
+ *
+ * For full backups, the mapping is: Map<PackageName, SHA-256>
+ * For K/V backups, the mapping is: Map<PackageName, Map<Key, SHA-256>>
+ */
+internal data class SeedvaultLargeTestResult(
+    val backupResults: Map<String, PackageMetadata?> = emptyMap(),
+    val restoreResults: Map<String, AppRestoreResult?> = emptyMap(),
+    val full: MutableMap<String, String>,
+    val kv: MutableMap<String, MutableMap<String, String>>,
+    val userApps: List<PackageInfo>,
+) {
+    fun allUserApps() = userApps
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/impl/BackupRestoreTest.kt

@@ -0,0 +1,176 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e.impl
+
+import android.content.Intent.FLAG_ACTIVITY_NEW_TASK
+import android.util.Log
+import androidx.test.filters.LargeTest
+import com.stevesoltys.seedvault.MAGIC_PACKAGE_MANAGER
+import com.stevesoltys.seedvault.e2e.SeedvaultLargeTest
+import com.stevesoltys.seedvault.e2e.SeedvaultLargeTestResult
+import com.stevesoltys.seedvault.metadata.PackageState
+import com.stevesoltys.seedvault.transport.backup.isStopped
+import org.junit.Test
+
+@LargeTest
+internal class BackupRestoreTest : SeedvaultLargeTest() {
+
+    @Test
+    fun `backup and restore applications`() {
+        launchBackupActivity()
+
+        if (!keyManager.hasBackupKey()) {
+            confirmCode()
+        }
+
+        if (settingsManager.getSafProperties() == null) {
+            chooseStorageLocation()
+        } else {
+            changeBackupLocation()
+        }
+
+        launchStoppedApps()
+        launchBackupActivity()
+
+        val backupResult = performBackup()
+        assertValidBackupMetadata(backupResult)
+
+        uninstallPackages(backupResult.allUserApps())
+
+        launchRestoreActivity()
+        val restoreResult = performRestore()
+
+        assertValidResults(backupResult, restoreResult)
+    }
+
+    private fun assertValidBackupMetadata(backup: SeedvaultLargeTestResult) {
+        // Assert all user apps have metadata.
+        backup.allUserApps().forEach { app ->
+            assert(backup.backupResults.containsKey(app.packageName)) {
+                "Metadata for $app missing from backup."
+            }
+        }
+
+        // Assert all metadata has a valid state.
+        backup.backupResults.forEach { (pkg, metadata) ->
+            assert(metadata != null) { "Metadata for $pkg is null." }
+
+            assert(metadata!!.state != PackageState.UNKNOWN_ERROR) {
+                "Metadata for $pkg has an unknown state."
+            }
+        }
+    }
+
+    private fun launchStoppedApps() {
+        val packageManager = targetContext.packageManager
+        val notBackedUp = packageService.notBackedUpPackages
+        notBackedUp.forEach { packageInfo ->
+            val i = packageManager.getLaunchIntentForPackage(packageInfo.packageName)?.apply {
+                addFlags(FLAG_ACTIVITY_NEW_TASK)
+            }
+            Log.i("TEST", "Launching $i")
+            try {
+                targetContext.startActivity(i)
+            } catch (e: Exception) {
+                Log.e("TEST", "Could not launch activity for ${packageInfo.packageName}", e)
+            }
+            waitUntilIdle()
+        }
+        waitUntilIdle()
+        notBackedUp.forEach { packageInfo ->
+            val pi = packageManager.getPackageInfo(packageInfo.packageName, 0)
+            Log.e("TEST", "${packageInfo.packageName} isStopped: ${pi.isStopped()}")
+        }
+    }
+
+    private fun assertValidResults(
+        backup: SeedvaultLargeTestResult,
+        restore: SeedvaultLargeTestResult,
+    ) {
+        assertAllUserAppsWereRestored(backup, restore)
+        assertValidFullData(backup, restore)
+        assertValidKeyValueData(backup, restore)
+    }
+
+    private fun assertAllUserAppsWereRestored(
+        backup: SeedvaultLargeTestResult,
+        restore: SeedvaultLargeTestResult,
+    ) {
+        val backupUserApps = backup.allUserApps()
+            .map { it.packageName }.toSet()
+
+        val restoreUserApps = restore.allUserApps()
+            .map { it.packageName }.toSet()
+
+        // Assert we re-installed all user apps.
+        assert(restoreUserApps.containsAll(backupUserApps)) {
+            val missingApps = backupUserApps
+                .minus(restoreUserApps)
+                .joinToString(", ")
+
+            "Not all user apps were restored. Missing: $missingApps"
+        }
+
+        // Assert we restored data for all user apps that had successful backups.
+        // This is expected to succeed because we are uninstalling the apps before restoring.
+        val missingFromRestore = backup.userApps
+            .map { it.packageName }
+            .filter { backup.backupResults[it]?.state == PackageState.APK_AND_DATA }
+            .filter { !restore.kv.containsKey(it) && !restore.full.containsKey(it) }
+
+        if (missingFromRestore.isNotEmpty()) {
+            val failedApps = missingFromRestore.joinToString(", ")
+
+            error("Not all user apps had their data restored. Missing: $failedApps")
+        }
+    }
+
+    private fun assertValidFullData(
+        backup: SeedvaultLargeTestResult,
+        restore: SeedvaultLargeTestResult,
+    ) {
+        // Assert all "full" restored data matches the backup data.
+        val allUserPkgs = backup.allUserApps().map { it.packageName }
+
+        restore.full.forEach { (pkg, fullData) ->
+            if (allUserPkgs.contains(pkg)) {
+                assert(backup.full.containsKey(pkg)) {
+                    "Full data for $pkg missing from restore."
+                }
+
+                if (backup.backupResults[pkg]!!.state == PackageState.APK_AND_DATA) {
+                    assert(fullData == backup.full[pkg]!!) {
+                        "Full data for $pkg does not match."
+                    }
+                }
+            }
+        }
+    }
+
+    private fun assertValidKeyValueData(
+        backup: SeedvaultLargeTestResult,
+        restore: SeedvaultLargeTestResult,
+    ) {
+        // Assert all "key/value" restored data matches the backup data.
+        restore.kv.forEach { (pkg, kvData) ->
+            if (pkg != MAGIC_PACKAGE_MANAGER) {
+                assert(backup.kv.containsKey(pkg)) {
+                    "KV data for $pkg missing from backup."
+                }
+
+                kvData.forEach { (key, value) ->
+                    assert(backup.kv[pkg]!!.containsKey(key)) {
+                        "KV data for $pkg/$key exists in restore but is missing from backup."
+                    }
+
+                    assert(value.contentEquals(backup.kv[pkg]!![key]!!)) {
+                        "KV data for $pkg/$key does not match."
+                    }
+                }
+            }
+        }
+    }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/io/BackupDataInputIntercept.kt

@@ -0,0 +1,29 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e.io
+
+import android.app.backup.BackupDataInput
+import java.io.FileDescriptor
+
+class BackupDataInputIntercept(
+    fileDescriptor: FileDescriptor,
+    private val callback: (String, ByteArray) -> Unit,
+) : BackupDataInput(fileDescriptor) {
+
+    var currentKey: String? = null
+
+    override fun getKey(): String? {
+        currentKey = super.getKey()
+        return currentKey
+    }
+
+    override fun readEntityData(data: ByteArray, offset: Int, size: Int): Int {
+        val result = super.readEntityData(data, offset, size)
+
+        callback(currentKey!!, data.copyOf(result))
+        return result
+    }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/io/BackupDataOutputIntercept.kt

@@ -0,0 +1,28 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e.io
+
+import android.app.backup.BackupDataOutput
+import java.io.FileDescriptor
+
+class BackupDataOutputIntercept(
+    fileDescriptor: FileDescriptor,
+    private val callback: (String, ByteArray) -> Unit,
+) : BackupDataOutput(fileDescriptor) {
+
+    private var currentKey: String? = null
+
+    override fun writeEntityHeader(key: String, dataSize: Int): Int {
+        currentKey = key
+        return super.writeEntityHeader(key, dataSize)
+    }
+
+    override fun writeEntityData(data: ByteArray, size: Int): Int {
+        callback(currentKey!!, data.copyOf())
+
+        return super.writeEntityData(data, size)
+    }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/screen/UiDeviceScreen.kt

@@ -0,0 +1,49 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e.screen
+
+import android.widget.ScrollView
+import androidx.test.platform.app.InstrumentationRegistry
+import androidx.test.uiautomator.Configurator
+import androidx.test.uiautomator.UiDevice
+import androidx.test.uiautomator.UiObject
+import androidx.test.uiautomator.UiScrollable
+import androidx.test.uiautomator.UiSelector
+import java.lang.Thread.sleep
+
+abstract class UiDeviceScreen<T> {
+
+    companion object {
+        private const val SELECTOR_TIMEOUT = 180000L
+    }
+
+    operator fun invoke(function: T.() -> Unit) {
+        function.invoke(this as T)
+    }
+
+    fun UiObject.scrollTo(
+        scrollSelector: UiSelector = UiSelector().className(ScrollView::class.java),
+    ): UiObject {
+        val uiScrollable = UiScrollable(scrollSelector)
+        uiScrollable.waitForExists(SELECTOR_TIMEOUT)
+        uiScrollable.scrollIntoView(this)
+        waitForExists(SELECTOR_TIMEOUT)
+
+        sleep(2000)
+        return this
+    }
+
+    fun findObject(
+        block: UiSelector.() -> UiSelector,
+    ): UiObject = device().findObject(
+        UiSelector().let { it.block() }
+    )
+
+    private fun device() = UiDevice.getInstance(InstrumentationRegistry.getInstrumentation())
+        .also {
+            Configurator.getInstance().waitForSelectorTimeout = SELECTOR_TIMEOUT
+        }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/screen/impl/BackupScreen.kt

@@ -0,0 +1,30 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e.screen.impl
+
+import android.os.Build
+import androidx.test.uiautomator.By
+import androidx.test.uiautomator.BySelector
+import com.stevesoltys.seedvault.e2e.screen.UiDeviceScreen
+
+object BackupScreen : UiDeviceScreen<BackupScreen>() {
+
+    val backupMenu = findObject { description("More options") }
+
+    val backupNowButton = findObject { text("Backup now") }
+
+    val backupStatusButton = findObject { text("Backup status") }
+
+    val backupLocationButton = findObject { text("Backup location") }
+
+    val backupSwitch = findObject { text("Backup my apps") }
+
+    val internalStorageButton = findObject { textContains(Build.MODEL) }
+
+    val useAnywayButton = findObject { text("Use anyway") }
+
+    val initializingText: BySelector = By.textContains("Initializing backup location")
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/screen/impl/DocumentPickerScreen.kt

@@ -0,0 +1,24 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e.screen.impl
+
+import android.widget.EditText
+import com.stevesoltys.seedvault.e2e.screen.UiDeviceScreen
+
+object DocumentPickerScreen : UiDeviceScreen<DocumentPickerScreen>() {
+
+    val createNewFolderButton = findObject { text("CREATE NEW FOLDER") }
+
+    val useThisFolderButton = findObject { text("USE THIS FOLDER") }
+
+    val textBox = findObject { className(EditText::class.java) }
+
+    val okButton = findObject { text("OK") }
+
+    val allowButton = findObject { text("ALLOW") }
+
+    fun existingFolder(folderName: String) = findObject { text(folderName) }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/screen/impl/RecoveryCodeScreen.kt

@@ -0,0 +1,19 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e.screen.impl
+
+import com.stevesoltys.seedvault.e2e.screen.UiDeviceScreen
+
+object RecoveryCodeScreen : UiDeviceScreen<RecoveryCodeScreen>() {
+
+    val startNewBackupButton = findObject { text("Start new") }
+
+    val confirmCodeButton = findObject { text("Confirm code") }
+
+    val verifyCodeButton = findObject { text("Verify") }
+
+    fun wordTextField(index: Int) = findObject { text("Word ${index + 1}") }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/e2e/screen/impl/RestoreScreen.kt

@@ -0,0 +1,27 @@
+/*
+ * SPDX-FileCopyrightText: 2023 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.e2e.screen.impl
+
+import com.stevesoltys.seedvault.e2e.screen.UiDeviceScreen
+
+object RestoreScreen : UiDeviceScreen<RestoreScreen>() {
+
+    val backupListItem = findObject {
+        textContains("Android SDK") // device name of test backups
+    }
+
+    val appsSelectedButton = findObject { text("Restore backup") }
+
+    val nextButton = findObject { text("Next") }
+
+    val finishButton = findObject { text("Finish") }
+
+    val skipButton = findObject { text("Skip restoring files") }
+
+    val someAppsNotInstalledText = findObject { textContains("Some apps") }
+
+    val someAppsNotRestoredText = findObject { textContains("some apps") }
+}

app/src/androidTest/java/com/stevesoltys/seedvault/plugins/saf/DocumentsStorageTest.kt

@@ -1,216 +0,0 @@
-package com.stevesoltys.seedvault.plugins.saf
-
-import android.database.ContentObserver
-import android.database.Cursor
-import android.net.Uri
-import android.os.Bundle
-import android.provider.DocumentsContract.EXTRA_LOADING
-import androidx.documentfile.provider.DocumentFile
-import androidx.test.ext.junit.runners.AndroidJUnit4
-import androidx.test.platform.app.InstrumentationRegistry
-import com.stevesoltys.seedvault.assertReadEquals
-import com.stevesoltys.seedvault.coAssertThrows
-import com.stevesoltys.seedvault.getRandomBase64
-import com.stevesoltys.seedvault.getRandomByteArray
-import com.stevesoltys.seedvault.settings.SettingsManager
-import com.stevesoltys.seedvault.writeAndClose
-import io.mockk.Runs
-import io.mockk.every
-import io.mockk.just
-import io.mockk.mockk
-import io.mockk.slot
-import io.mockk.verify
-import kotlinx.coroutines.Dispatchers
-import kotlinx.coroutines.TimeoutCancellationException
-import kotlinx.coroutines.runBlocking
-import org.junit.After
-import org.junit.Assert.assertArrayEquals
-import org.junit.Assert.assertEquals
-import org.junit.Assert.assertFalse
-import org.junit.Assert.assertNotNull
-import org.junit.Assert.assertTrue
-import org.junit.Before
-import org.junit.Test
-import org.junit.runner.RunWith
-import org.koin.core.KoinComponent
-import org.koin.core.inject
-import java.io.IOException
-import kotlin.random.Random
-
-@RunWith(AndroidJUnit4::class)
-@Suppress("BlockingMethodInNonBlockingContext")
-class DocumentsStorageTest : KoinComponent {
-
-    private val context = InstrumentationRegistry.getInstrumentation().targetContext
-    private val settingsManager by inject<SettingsManager>()
-    private val storage = DocumentsStorage(context, settingsManager)
-
-    private val filename = getRandomBase64()
-    private lateinit var file: DocumentFile
-
-    @Before
-    fun setup() = runBlocking {
-        assertNotNull("Select a storage location in the app first!", storage.rootBackupDir)
-        file = storage.rootBackupDir?.createOrGetFile(context, filename)
-            ?: error("Could not create test file")
-    }
-
-    @After
-    fun tearDown() {
-        file.delete()
-    }
-
-    @Test
-    fun testWritingAndReadingFile() {
-        // write to output stream
-        val outputStream = storage.getOutputStream(file)
-        val content = ByteArray(1337).apply { Random.nextBytes(this) }
-        outputStream.write(content)
-        outputStream.flush()
-        outputStream.close()
-
-        // read written data from input stream
-        val inputStream = storage.getInputStream(file)
-        val readContent = inputStream.readBytes()
-        inputStream.close()
-        assertArrayEquals(content, readContent)
-
-        // write smaller content to same file
-        val outputStream2 = storage.getOutputStream(file)
-        val content2 = ByteArray(42).apply { Random.nextBytes(this) }
-        outputStream2.write(content2)
-        outputStream2.flush()
-        outputStream2.close()
-
-        // read written data from input stream
-        val inputStream2 = storage.getInputStream(file)
-        val readContent2 = inputStream2.readBytes()
-        inputStream2.close()
-        assertArrayEquals(content2, readContent2)
-    }
-
-    @Test
-    fun testFindFile() = runBlocking(Dispatchers.IO) {
-        val foundFile = storage.rootBackupDir!!.findFileBlocking(context, file.name!!)
-        assertNotNull(foundFile)
-        assertEquals(filename, foundFile!!.name)
-        assertEquals(storage.rootBackupDir!!.uri, foundFile.parentFile?.uri)
-    }
-
-    @Test
-    fun testCreateFile() {
-        // create test file
-        val dir = storage.rootBackupDir!!
-        val createdFile = dir.createFile("text", getRandomBase64())
-        assertNotNull(createdFile)
-        assertNotNull(createdFile!!.name)
-
-        // write some data into it
-        val data = getRandomByteArray()
-        context.contentResolver.openOutputStream(createdFile.uri)!!.writeAndClose(data)
-
-        // data should still be there
-        assertReadEquals(data, context.contentResolver.openInputStream(createdFile.uri))
-
-        // delete again
-        createdFile.delete()
-        assertFalse(createdFile.exists())
-    }
-
-    @Test
-    fun testCreateTwoFiles() = runBlocking {
-        val mimeType = "application/octet-stream"
-        val dir = storage.rootBackupDir!!
-
-        // create test file
-        val name1 = getRandomBase64(Random.nextInt(1, 10))
-        val file1 = requireNotNull(dir.createFile(mimeType, name1))
-        assertTrue(file1.exists())
-        assertEquals(name1, file1.name)
-        assertEquals(0L, file1.length())
-
-        assertReadEquals(getRandomByteArray(0), context.contentResolver.openInputStream(file1.uri))
-
-        // write some data into it
-        val data1 = getRandomByteArray(5 * 1024 * 1024)
-        context.contentResolver.openOutputStream(file1.uri)!!.writeAndClose(data1)
-        assertEquals(data1.size.toLong(), file1.length())
-
-        // data should still be there
-        assertReadEquals(data1, context.contentResolver.openInputStream(file1.uri))
-
-        // create test file
-        val name2 = getRandomBase64(Random.nextInt(1, 10))
-        val file2 = requireNotNull(dir.createFile(mimeType, name2))
-        assertTrue(file2.exists())
-        assertEquals(name2, file2.name)
-
-        // write some data into it
-        val data2 = getRandomByteArray(12 * 1024 * 1024)
-        context.contentResolver.openOutputStream(file2.uri)!!.writeAndClose(data2)
-        assertEquals(data2.size.toLong(), file2.length())
-
-        // data should still be there
-        assertReadEquals(data2, context.contentResolver.openInputStream(file2.uri))
-
-        // delete files again
-        file1.delete()
-        file2.delete()
-        assertFalse(file1.exists())
-        assertFalse(file2.exists())
-    }
-
-    @Test
-    fun testGetLoadedCursor() = runBlocking {
-        // empty cursor extras are like not loading, returns same cursor right away
-        val cursor1: Cursor = mockk()
-        every { cursor1.extras } returns Bundle()
-        assertEquals(cursor1, getLoadedCursor { cursor1 })
-
-        // explicitly not loading, returns same cursor right away
-        val cursor2: Cursor = mockk()
-        every { cursor2.extras } returns Bundle().apply { putBoolean(EXTRA_LOADING, false) }
-        assertEquals(cursor2, getLoadedCursor { cursor2 })
-
-        // loading cursor registers content observer, times out and closes cursor
-        val cursor3: Cursor = mockk()
-        every { cursor3.extras } returns Bundle().apply { putBoolean(EXTRA_LOADING, true) }
-        every { cursor3.registerContentObserver(any()) } just Runs
-        every { cursor3.close() } just Runs
-        coAssertThrows(TimeoutCancellationException::class.java) {
-            getLoadedCursor(1000) { cursor3 }
-        }
-        verify { cursor3.registerContentObserver(any()) }
-        verify { cursor3.close() } // ensure that cursor gets closed
-
-        // loading cursor registers content observer, but re-query fails
-        val cursor4: Cursor = mockk()
-        val observer4 = slot<ContentObserver>()
-        val query: () -> Cursor? = { if (observer4.isCaptured) null else cursor4 }
-        every { cursor4.extras } returns Bundle().apply { putBoolean(EXTRA_LOADING, true) }
-        every { cursor4.registerContentObserver(capture(observer4)) } answers {
-            observer4.captured.onChange(false, Uri.parse("foo://bar"))
-        }
-        every { cursor4.close() } just Runs
-        coAssertThrows(IOException::class.java) {
-            getLoadedCursor(10_000, query)
-        }
-        assertTrue(observer4.isCaptured)
-        verify { cursor4.close() } // ensure that cursor gets closed
-
-        // loading cursor registers content observer, re-queries and returns new result
-        val cursor5: Cursor = mockk()
-        val result5: Cursor = mockk()
-        val observer5 = slot<ContentObserver>()
-        val query5: () -> Cursor? = { if (observer5.isCaptured) result5 else cursor5 }
-        every { cursor5.extras } returns Bundle().apply { putBoolean(EXTRA_LOADING, true) }
-        every { cursor5.registerContentObserver(capture(observer5)) } answers {
-            observer5.captured.onChange(false, null)
-        }
-        every { cursor5.close() } just Runs
-        assertEquals(result5, getLoadedCursor(10_000, query5))
-        assertTrue(observer5.isCaptured)
-        verify { cursor5.close() } // ensure that initial cursor got closed
-    }
-
-}

app/src/androidTest/java/com/stevesoltys/seedvault/transport/backup/KvBackupInstrumentationTest.kt

@@ -0,0 +1,90 @@
+/*
+ * SPDX-FileCopyrightText: 2024 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.transport.backup
+
+import android.app.backup.BackupDataInput
+import android.app.backup.BackupTransport.FLAG_NON_INCREMENTAL
+import android.content.pm.PackageInfo
+import android.os.ParcelFileDescriptor
+import androidx.test.ext.junit.runners.AndroidJUnit4
+import androidx.test.filters.MediumTest
+import com.stevesoltys.seedvault.repo.BackupData
+import com.stevesoltys.seedvault.repo.BackupReceiver
+import io.mockk.CapturingSlot
+import io.mockk.Runs
+import io.mockk.coEvery
+import io.mockk.every
+import io.mockk.just
+import io.mockk.mockk
+import kotlinx.coroutines.runBlocking
+import org.junit.Assert.assertArrayEquals
+import org.junit.Assert.assertNull
+import org.junit.Test
+import org.junit.runner.RunWith
+import org.koin.core.component.KoinComponent
+import org.koin.core.component.inject
+import kotlin.random.Random
+import kotlin.test.assertEquals
+
+@RunWith(AndroidJUnit4::class)
+@MediumTest
+class KvBackupInstrumentationTest : KoinComponent {
+
+    private val backupReceiver: BackupReceiver = mockk()
+    private val inputFactory: InputFactory = mockk()
+    private val dbManager: KvDbManager by inject()
+
+    private val backup = KVBackup(
+        backupReceiver = backupReceiver,
+        inputFactory = inputFactory,
+        dbManager = dbManager,
+    )
+
+    private val data = mockk<ParcelFileDescriptor>()
+    private val dataInput = mockk<BackupDataInput>()
+    private val key = "foo.bar"
+    private val dataValue = Random.nextBytes(23)
+
+    @Test
+    fun `test non-incremental backup with existing DB`() {
+        val packageName = "com.example"
+        val backupData = BackupData(emptyList(), emptyMap())
+
+        // create existing db
+        dbManager.getDb(packageName).use { db ->
+            db.put("foo", "bar".toByteArray())
+        }
+
+        val packageInfo = PackageInfo().apply {
+            this.packageName = packageName
+        }
+
+        every { inputFactory.getBackupDataInput(data) } returns dataInput
+        every { dataInput.readNextHeader() } returnsMany listOf(true, false)
+        every { dataInput.key } returns key
+        every { dataInput.dataSize } returns dataValue.size
+        val slot = CapturingSlot<ByteArray>()
+        every { dataInput.readEntityData(capture(slot), 0, dataValue.size) } answers {
+            dataValue.copyInto(slot.captured)
+            dataValue.size
+        }
+        every { data.close() } just Runs
+
+        backup.performBackup(packageInfo, data, FLAG_NON_INCREMENTAL)
+
+        coEvery { backupReceiver.readFromStream(any(), any()) } returns backupData
+
+        runBlocking {
+            assertEquals(backupData, backup.finishBackup())
+        }
+
+        dbManager.getDb(packageName).use { db ->
+            assertNull(db.get("foo")) // existing data foo is gone
+            assertArrayEquals(dataValue, db.get(key)) // new data got added
+        }
+    }
+
+}

app/src/androidTest/java/com/stevesoltys/seedvault/transport/backup/PackageServiceTest.kt

@@ -1,21 +1,70 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.transport.backup
 
+import android.content.pm.PackageInfo
 import android.util.Log
 import androidx.test.ext.junit.runners.AndroidJUnit4
+import androidx.test.filters.MediumTest
+import com.stevesoltys.seedvault.backend.BackendManager
+import com.stevesoltys.seedvault.settings.AppStatus
+import com.stevesoltys.seedvault.settings.SettingsManager
+import io.mockk.every
+import io.mockk.mockk
+import org.calyxos.seedvault.core.backends.Backend
+import org.junit.Assert.assertFalse
+import org.junit.Assert.assertTrue
 import org.junit.Test
 import org.junit.runner.RunWith
-import org.koin.core.KoinComponent
-import org.koin.core.inject
+import org.koin.core.component.KoinComponent
+import org.koin.core.component.inject
 
 @RunWith(AndroidJUnit4::class)
+@MediumTest
 class PackageServiceTest : KoinComponent {
 
     private val packageService: PackageService by inject()
 
+    private val settingsManager: SettingsManager by inject()
+
+    private val backendManager: BackendManager by inject()
+
+    private val backend: Backend get() = backendManager.backend
+
     @Test
     fun testNotAllowedPackages() {
         val packages = packageService.notBackedUpPackages
         Log.e("TEST", "Packages: $packages")
     }
 
+    @Test
+    fun `shouldIncludeAppInBackup exempts plugin provider and blacklisted apps`() {
+        val packageInfo = PackageInfo().apply {
+            packageName = "com.example"
+        }
+
+        val disabledAppStatus = mockk<AppStatus>().apply {
+            every { packageName } returns packageInfo.packageName
+            every { enabled } returns false
+        }
+        settingsManager.onAppBackupStatusChanged(disabledAppStatus)
+
+        // Should not backup blacklisted apps
+        assertFalse(packageService.shouldIncludeAppInBackup(packageInfo.packageName))
+
+        val enabledAppStatus = mockk<AppStatus>().apply {
+            every { packageName } returns packageInfo.packageName
+            every { enabled } returns true
+        }
+        settingsManager.onAppBackupStatusChanged(enabledAppStatus)
+
+        // Should backup non-blacklisted apps
+        assertTrue(packageService.shouldIncludeAppInBackup(packageInfo.packageName))
+
+        // Should not backup storage provider
+        assertFalse(packageService.shouldIncludeAppInBackup(backend.providerPackageName!!))
+    }
 }

app/src/androidTest/java/com/stevesoltys/seedvault/worker/IconManagerTest.kt

@@ -0,0 +1,128 @@
+/*
+ * SPDX-FileCopyrightText: 2024 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.worker
+
+import android.content.pm.PackageInfo
+import androidx.test.ext.junit.runners.AndroidJUnit4
+import androidx.test.filters.MediumTest
+import androidx.test.platform.app.InstrumentationRegistry
+import com.github.luben.zstd.ZstdOutputStream
+import com.google.protobuf.ByteString
+import com.stevesoltys.seedvault.MAGIC_PACKAGE_MANAGER
+import com.stevesoltys.seedvault.metadata.BackupType
+import com.stevesoltys.seedvault.proto.SnapshotKt.blob
+import com.stevesoltys.seedvault.repo.AppBackupManager
+import com.stevesoltys.seedvault.repo.BackupData
+import com.stevesoltys.seedvault.repo.BackupReceiver
+import com.stevesoltys.seedvault.repo.Loader
+import com.stevesoltys.seedvault.repo.SnapshotCreatorFactory
+import com.stevesoltys.seedvault.transport.backup.PackageService
+import io.mockk.Runs
+import io.mockk.coEvery
+import io.mockk.every
+import io.mockk.just
+import io.mockk.mockk
+import io.mockk.slot
+import junit.framework.TestCase.assertTrue
+import kotlinx.coroutines.runBlocking
+import org.calyxos.seedvault.core.backends.AppBackupFileType
+import org.calyxos.seedvault.core.toHexString
+import org.junit.Assert.assertArrayEquals
+import org.junit.Test
+import org.junit.runner.RunWith
+import org.koin.core.component.KoinComponent
+import org.koin.core.component.inject
+import java.io.ByteArrayInputStream
+import java.io.ByteArrayOutputStream
+import kotlin.random.Random
+
+@RunWith(AndroidJUnit4::class)
+@MediumTest
+class IconManagerTest : KoinComponent {
+
+    private val context = InstrumentationRegistry.getInstrumentation().targetContext
+    private val packageService by inject<PackageService>()
+    private val backupReceiver = mockk<BackupReceiver>()
+    private val loader = mockk<Loader>()
+    private val appBackupManager = mockk<AppBackupManager>()
+    private val snapshotCreatorFactory by inject<SnapshotCreatorFactory>()
+    private val snapshotCreator = snapshotCreatorFactory.createSnapshotCreator()
+
+    private val iconManager = IconManager(
+        context = context,
+        packageService = packageService,
+        crypto = mockk(),
+        backupReceiver = backupReceiver,
+        loader = loader,
+        appBackupManager = appBackupManager,
+    )
+
+    init {
+        every { appBackupManager.snapshotCreator } returns snapshotCreator
+    }
+
+    @Test
+    fun `test upload and then download`(): Unit = runBlocking {
+        // prepare output data
+        val output = slot<ByteArray>()
+        val chunkId = Random.nextBytes(32).toHexString()
+        val chunkList = listOf(chunkId)
+        val blobId = Random.nextBytes(32).toHexString()
+        val blob = blob { id = ByteString.fromHex(blobId) }
+
+        // upload icons and capture plaintext bytes
+        coEvery { backupReceiver.addBytes(any(), capture(output)) } just Runs
+        coEvery {
+            backupReceiver.finalize(any())
+        } returns BackupData(chunkList, mapOf(chunkId to blob))
+        iconManager.uploadIcons()
+        assertTrue(output.captured.isNotEmpty())
+
+        // @pm@ is needed
+        val pmPackageInfo = PackageInfo().apply { packageName = MAGIC_PACKAGE_MANAGER }
+        val backupData = BackupData(emptyList(), emptyMap())
+        snapshotCreator.onPackageBackedUp(pmPackageInfo, BackupType.KV, backupData)
+
+        // get snapshot and assert it has icon chunks
+        val snapshot = snapshotCreator.finalizeSnapshot()
+        assertTrue(snapshot.iconChunkIdsCount > 0)
+
+        // prepare data for downloading icons
+        val repoId = Random.nextBytes(32).toHexString()
+        val inputStream = ByteArrayInputStream(output.captured)
+        coEvery { loader.loadFile(AppBackupFileType.Blob(repoId, blobId)) } returns inputStream
+
+        // download icons and ensure we had an icon for at least one app
+        val iconSet = iconManager.downloadIcons(repoId, snapshot)
+        assertTrue(iconSet.isNotEmpty())
+    }
+
+    @Test
+    fun `test upload produces deterministic output`(): Unit = runBlocking {
+        val output1 = slot<ByteArray>()
+        val output2 = slot<ByteArray>()
+
+        coEvery { backupReceiver.addBytes(any(), capture(output1)) } just Runs
+        coEvery { backupReceiver.finalize(any()) } returns BackupData(emptyList(), emptyMap())
+        iconManager.uploadIcons()
+        assertTrue(output1.captured.isNotEmpty())
+
+        coEvery { backupReceiver.addBytes(any(), capture(output2)) } just Runs
+        coEvery { backupReceiver.finalize(any()) } returns BackupData(emptyList(), emptyMap())
+        iconManager.uploadIcons()
+        assertTrue(output2.captured.isNotEmpty())
+
+        assertArrayEquals(output1.captured, output2.captured)
+
+        // print compressed and uncompressed size
+        val size = output1.captured.size.toFloat() / 1024 / 1024
+        val outputStream = ByteArrayOutputStream()
+        ZstdOutputStream(outputStream).use { it.write(output1.captured) }
+        val compressedSize = outputStream.size().toFloat() / 1024 / 1024
+        println("Icon size: $size MB, compressed $compressedSize MB")
+    }
+
+}

app/src/debug/AndroidManifest.xml

@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+  SPDX-FileCopyrightText: 2020 The Calyx Institute
+  SPDX-License-Identifier: Apache-2.0
+  -->
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:tools="http://schemas.android.com/tools">
+
+    <application>
+        <!-- Remove permission requirements only for debug versions to make development easier -->
+        <activity
+            android:name="com.stevesoltys.seedvault.settings.SettingsActivity"
+            android:exported="true"
+            tools:remove="android:permission">
+            <intent-filter>
+                <action android:name="android.intent.action.MAIN" />
+                <category android:name="android.intent.category.LAUNCHER" />
+            </intent-filter>
+        </activity>
+
+        <activity
+            android:name="com.stevesoltys.seedvault.restore.RestoreActivity"
+            android:exported="true"
+            tools:remove="android:permission" />
+    </application>
+
+</manifest>

app/src/debug/res/values/config.xml

@@ -1,10 +1,14 @@
 <?xml version="1.0" encoding="utf-8"?>
+<!--
+  SPDX-FileCopyrightText: 2020 The Calyx Institute
+  SPDX-License-Identifier: Apache-2.0
+  -->
 <resources>
-    <bool name="show_restore_in_settings">true</bool>
-
     <string-array name="storage_authority_whitelist">
         <item>com.android.externalstorage.documents</item>
         <item>org.nextcloud.documents</item>
         <item>org.nextcloud.beta.documents</item>
+        <item>at.bitfire.davdroid.webdav</item>
+        <item>de.felixnuesse.extract.vcp</item>
     </string-array>
 </resources>

app/src/main/AndroidManifest.xml

@@ -1,9 +1,14 @@
 <?xml version="1.0" encoding="utf-8"?>
+<!--
+  SPDX-FileCopyrightText: 2017-2019 Steve Soltys
+  SPDX-FileCopyrightText: 2020 The Calyx Institute
+  SPDX-License-Identifier: Apache-2.0
+  -->
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
     xmlns:tools="http://schemas.android.com/tools"
     package="com.stevesoltys.seedvault"
-    android:versionCode="30000221"
-    android:versionName="11-2.2">
+    android:versionCode="35050000"
+    android:versionName="15-5.0">
     <!--
     The version code is the targeted SDK_VERSION plus 6 digits for our own version code.
     The version name is the targeted Android version followed by - and our own version name.
@@ -16,7 +21,14 @@
     <!-- This is needed to check for internet access when backup is stored on network storage -->
     <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
 
-    <!-- This is needed to retrieve the available storage roots -->
+    <!-- Used for internal WebDAV plugin -->
+    <uses-permission android:name="android.permission.INTERNET" />
+
+    <!-- This is needed to inform users about backup status and errors -->
+    <uses-permission android:name="android.permission.POST_NOTIFICATIONS" />
+
+    <!-- (Optional) This is needed to retrieve the available storage roots.
+         The user needs to manually select a storage root, if not granted. -->
     <uses-permission
         android:name="android.permission.MANAGE_DOCUMENTS"
         tools:ignore="ProtectedPermissions" />
@@ -50,6 +62,23 @@
     <!-- Used to authenticate saving a new recovery code -->
     <uses-permission android:name="android.permission.USE_BIOMETRIC" />
 
+    <!-- This is needed to query content providers in other users -->
+    <uses-permission
+        android:name="android.permission.INTERACT_ACROSS_USERS_FULL"
+        tools:ignore="ProtectedPermissions" />
+
+    <!-- Used to get logcat for system part of backup API, gets permission dialog -->
+    <uses-permission
+        android:name="android.permission.READ_LOGS"
+        tools:ignore="ProtectedPermissions" />
+
+    <!-- Used to get the name of the current profile -->
+    <uses-permission android:name="android.permission.QUERY_USERS"
+        tools:ignore="ProtectedPermissions" />
+
+    <!-- Used for periodic storage backups -->
+    <uses-permission android:name="android.permission.FOREGROUND_SERVICE_DATA_SYNC" />
+
     <!-- Permission used to open settings -->
     <permission
         android:name="com.stevesoltys.seedvault.OPEN_SETTINGS"
@@ -65,19 +94,20 @@
         android:allowBackup="false"
         android:icon="@mipmap/ic_launcher"
         android:label="@string/app_name"
-        android:roundIcon="@mipmap/ic_launcher_round"
         android:supportsRtl="true"
         android:theme="@style/AppTheme"
         tools:ignore="GoogleAppIndexingWarning">
 
         <activity
             android:name=".settings.SettingsActivity"
+            android:exported="true"
+            android:launchMode="singleTask"
             android:permission="com.stevesoltys.seedvault.OPEN_SETTINGS"
-            android:exported="true" />
+            android:windowSoftInputMode="adjustResize" />
 
         <activity
             android:name=".ui.storage.StorageActivity"
-            android:theme="@style/AppTheme.NoActionBar" />
+            android:windowSoftInputMode="adjustResize" />
 
         <activity
             android:name=".ui.storage.PermissionGrantActivity"
@@ -87,20 +117,25 @@
         <activity
             android:name=".ui.recoverycode.RecoveryCodeActivity"
             android:label="@string/recovery_code_title"
-            android:theme="@style/AppTheme.NoActionBar" />
+            android:windowSoftInputMode="adjustResize" />
 
         <activity
             android:name=".restore.RestoreActivity"
-            android:permission="com.stevesoltys.seedvault.RESTORE_BACKUP"
             android:exported="true"
             android:label="@string/restore_title"
-            android:theme="@style/AppTheme.NoActionBar">
+            android:launchMode="singleTask"
+            android:permission="com.stevesoltys.seedvault.RESTORE_BACKUP">
             <intent-filter>
                 <action android:name="com.stevesoltys.seedvault.RESTORE_BACKUP" />
                 <category android:name="android.intent.category.DEFAULT" />
             </intent-filter>
         </activity>
 
+        <activity
+            android:name=".ui.check.AppCheckResultActivity"
+            android:label="@string/notification_checking_finished_title"
+            android:launchMode="singleTask"/>
+
         <service
             android:name=".transport.ConfigurableBackupTransportService"
             android:exported="false">
@@ -128,28 +163,30 @@
             </intent-filter>
         </receiver>
 
-        <receiver
-            android:name=".SecretCodeReceiver">
-            <intent-filter>
-                <action android:name="android.telephony.action.SECRET_CODE" />
-                <!-- *#*#RESTORE#*#* -->
-                <data android:scheme="android_secret_code" android:host="7378673" />
-            </intent-filter>
-        </receiver>
-
+        <!-- Used by Workmanager to schedule our workers -->
+        <service
+            android:name="androidx.work.impl.foreground.SystemForegroundService"
+            android:foregroundServiceType="dataSync"
+            tools:node="merge" />
         <!-- Used to start actual BackupService depending on scheduling criteria -->
         <service
             android:name=".storage.StorageBackupJobService"
             android:exported="false"
             android:label="BackupJobService"
             android:permission="android.permission.BIND_JOB_SERVICE" />
-        <!-- Does the actual backup work as a foreground service -->
+        <!-- Does app restore as a foreground service -->
+        <service
+            android:name=".restore.RestoreService"
+            android:exported="false"
+            android:foregroundServiceType="dataSync"
+            android:label="RestoreService" />
+        <!-- Does the actual file backup work as a foreground service -->
         <service
             android:name=".storage.StorageBackupService"
             android:exported="false"
             android:foregroundServiceType="dataSync"
             android:label="BackupService" />
-        <!-- Does restore as a foreground service -->
+        <!-- Does file restore as a foreground service -->
         <service
             android:name=".storage.StorageRestoreService"
             android:exported="false"

app/src/main/assets/logback.xml

@@ -0,0 +1,23 @@
+<!--
+  SPDX-FileCopyrightText: 2024 The Calyx Institute
+  SPDX-License-Identifier: Apache-2.0
+  -->
+<configuration
+    xmlns="https://tony19.github.io/logback-android/xml"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="https://tony19.github.io/logback-android/xml https://cdn.jsdelivr.net/gh/tony19/logback-android/logback.xsd"
+>
+    <appender name="logcat" class="ch.qos.logback.classic.android.LogcatAppender">
+        <tagEncoder>
+            <pattern>%logger{12}</pattern>
+        </tagEncoder>
+        <encoder>
+            <pattern>[%-20thread] %msg</pattern>
+        </encoder>
+    </appender>
+
+    <root level="DEBUG">
+        <appender-ref ref="logcat" />
+    </root>
+</configuration>
+

app/src/main/java/com/stevesoltys/seedvault/App.kt

@@ -1,35 +1,58 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault
 
+import android.Manifest.permission.INTERACT_ACROSS_USERS_FULL
+import android.app.ActivityManager
+import android.app.ActivityManager.RunningAppProcessInfo
 import android.app.Application
+import android.app.backup.BackupManager
 import android.app.backup.BackupManager.PACKAGE_MANAGER_SENTINEL
 import android.app.backup.IBackupManager
-import android.content.Context.BACKUP_SERVICE
+import android.content.Context
+import android.content.pm.PackageManager.PERMISSION_GRANTED
 import android.os.Build
 import android.os.ServiceManager.getService
 import android.os.StrictMode
+import android.os.UserHandle
+import android.os.UserManager
+import android.util.Log
+import androidx.work.ExistingPeriodicWorkPolicy.UPDATE
+import androidx.work.WorkManager
+import com.google.android.material.color.DynamicColors
+import com.stevesoltys.seedvault.MemoryLogger.getMemStr
+import com.stevesoltys.seedvault.backend.BackendManager
+import com.stevesoltys.seedvault.backend.saf.storagePluginModuleSaf
+import com.stevesoltys.seedvault.backend.webdav.storagePluginModuleWebDav
 import com.stevesoltys.seedvault.crypto.cryptoModule
 import com.stevesoltys.seedvault.header.headerModule
-import com.stevesoltys.seedvault.metadata.MetadataManager
 import com.stevesoltys.seedvault.metadata.metadataModule
-import com.stevesoltys.seedvault.plugins.saf.documentsProviderModule
-import com.stevesoltys.seedvault.restore.RestoreViewModel
+import com.stevesoltys.seedvault.repo.repoModule
 import com.stevesoltys.seedvault.restore.install.installModule
+import com.stevesoltys.seedvault.restore.restoreUiModule
 import com.stevesoltys.seedvault.settings.AppListRetriever
 import com.stevesoltys.seedvault.settings.SettingsManager
 import com.stevesoltys.seedvault.settings.SettingsViewModel
 import com.stevesoltys.seedvault.storage.storageModule
+import com.stevesoltys.seedvault.transport.TRANSPORT_ID
 import com.stevesoltys.seedvault.transport.backup.backupModule
 import com.stevesoltys.seedvault.transport.restore.restoreModule
-import com.stevesoltys.seedvault.ui.files.FileSelectionViewModel
 import com.stevesoltys.seedvault.ui.notification.BackupNotificationManager
 import com.stevesoltys.seedvault.ui.recoverycode.RecoveryCodeViewModel
 import com.stevesoltys.seedvault.ui.storage.BackupStorageViewModel
 import com.stevesoltys.seedvault.ui.storage.RestoreStorageViewModel
+import com.stevesoltys.seedvault.worker.AppBackupWorker
+import com.stevesoltys.seedvault.worker.workerModule
+import org.calyxos.seedvault.core.backends.BackendFactory
 import org.koin.android.ext.android.inject
 import org.koin.android.ext.koin.androidContext
 import org.koin.android.ext.koin.androidLogger
 import org.koin.androidx.viewmodel.dsl.viewModel
 import org.koin.core.context.startKoin
+import org.koin.core.logger.Level
 import org.koin.dsl.module
 
 /**
@@ -38,24 +61,61 @@ import org.koin.dsl.module
  */
 open class App : Application() {
 
+    open val isTest: Boolean = false
+
     private val appModule = module {
         single { SettingsManager(this@App) }
         single { BackupNotificationManager(this@App) }
+        single { BackendManager(this@App, get(), get(), get()) }
+        single {
+            BackendFactory {
+                // uses context of the device's main user to be able to access USB storage
+                this@App.applicationContext.getStorageContext {
+                    get<SettingsManager>().getSafProperties()?.isUsb == true
+                }
+            }
+        }
+        single { BackupStateManager(this@App) }
         single { Clock() }
         factory<IBackupManager> { IBackupManager.Stub.asInterface(getService(BACKUP_SERVICE)) }
         factory { AppListRetriever(this@App, get(), get(), get()) }
 
-        viewModel { SettingsViewModel(this@App, get(), get(), get(), get(), get(), get()) }
-        viewModel { RecoveryCodeViewModel(this@App, get(), get(), get(), get(), get()) }
-        viewModel { BackupStorageViewModel(this@App, get(), get(), get(), get()) }
-        viewModel { RestoreStorageViewModel(this@App, get(), get()) }
-        viewModel { RestoreViewModel(this@App, get(), get(), get(), get(), get(), get()) }
-        viewModel { FileSelectionViewModel(this@App, get()) }
+        viewModel {
+            SettingsViewModel(
+                app = this@App,
+                settingsManager = get(),
+                keyManager = get(),
+                backendManager = get(),
+                appListRetriever = get(),
+                storageBackup = get(),
+                backupManager = get(),
+                backupStateManager = get(),
+                checker = get(),
+            )
+        }
+        viewModel {
+            RecoveryCodeViewModel(this@App, get(), get(), get(), get(), get(), get(), get())
+        }
+        viewModel {
+            BackupStorageViewModel(
+                app = this@App,
+                backupManager = get(),
+                backupInitializer = get(),
+                storageBackup = get(),
+                safHandler = get(),
+                webDavHandler = get(),
+                settingsManager = get(),
+                backendManager = get(),
+            )
+        }
+        viewModel { RestoreStorageViewModel(this@App, get(), get(), get(), get()) }
     }
 
     override fun onCreate() {
         super.onCreate()
+        DynamicColors.applyToActivitiesIfAvailable(this)
         startKoin()
+        if (!isTest) migrateToOwnScheduling()
         if (isDebugBuild()) {
             StrictMode.setThreadPolicy(
                 StrictMode.ThreadPolicy.Builder()
@@ -71,51 +131,73 @@ open class App : Application() {
                     .build()
             )
         }
-        permitDiskReads {
-            migrateTokenFromMetadataToSettingsManager()
-        }
     }
 
     protected open fun startKoin() = startKoin {
-        androidLogger()
+        androidLogger(Level.ERROR)
         androidContext(this@App)
-        modules(
-            listOf(
-                cryptoModule,
-                headerModule,
-                metadataModule,
-                documentsProviderModule, // storage plugin
-                backupModule,
-                restoreModule,
-                installModule,
-                storageModule,
-                appModule
-            )
-        )
+        modules(appModules())
     }
 
+    open fun appModules() = listOf(
+        cryptoModule,
+        headerModule,
+        metadataModule,
+        storagePluginModuleSaf,
+        storagePluginModuleWebDav,
+        backupModule,
+        restoreModule,
+        installModule,
+        storageModule,
+        repoModule,
+        workerModule,
+        restoreUiModule,
+        appModule
+    )
+
     private val settingsManager: SettingsManager by inject()
-    private val metadataManager: MetadataManager by inject()
+    private val backupManager: IBackupManager by inject()
+    private val backendManager: BackendManager by inject()
+    private val backupStateManager: BackupStateManager by inject()
+
+    override fun onTrimMemory(level: Int) {
+        Log.w("Seedvault", "onTrimMemory($level) ${getMemStr()}")
+        val processInfo = RunningAppProcessInfo()
+        ActivityManager.getMyMemoryState(processInfo)
+        Log.w("Seedvault", "  lastTrimLevel: ${processInfo.lastTrimLevel}")
+        Log.w("Seedvault", "  importance: ${processInfo.importance}")
+        super.onTrimMemory(level)
+    }
 
     /**
-     * The responsibility for the current token was moved to the [SettingsManager]
-     * in the end of 2020.
-     * This method migrates the token for existing installs and can be removed
-     * after sufficient time has passed.
+     * Disables the framework scheduling in favor of our own.
+     * Introduced in the first half of 2024 and can be removed after a suitable migration period.
      */
-    private fun migrateTokenFromMetadataToSettingsManager() {
-        @Suppress("DEPRECATION")
-        val token = metadataManager.getBackupToken()
-        if (token != 0L && settingsManager.getToken() == null) {
-            settingsManager.setNewToken(token)
+    protected open fun migrateToOwnScheduling() {
+        if (!backupStateManager.isFrameworkSchedulingEnabled) { // already on own scheduling
+            // fix things for removable drive users who had a job scheduled here before
+            if (backendManager.isOnRemovableDrive) AppBackupWorker.unschedule(applicationContext)
+            return
+        }
+
+        if (backupManager.currentTransport == TRANSPORT_ID) {
+            backupManager.setFrameworkSchedulingEnabledForUser(UserHandle.myUserId(), false)
+            if (backupManager.isBackupEnabled && !backendManager.isOnRemovableDrive) {
+                AppBackupWorker.schedule(applicationContext, settingsManager, UPDATE)
+            }
+            // cancel old D2D worker
+            WorkManager.getInstance(this).cancelUniqueWork("APP_BACKUP")
         }
     }
 
 }
 
-const val MAGIC_PACKAGE_MANAGER = PACKAGE_MANAGER_SENTINEL
+const val MAGIC_PACKAGE_MANAGER: String = PACKAGE_MANAGER_SENTINEL
 const val ANCESTRAL_RECORD_KEY = "@ancestral_record@"
+const val NO_DATA_END_SENTINEL = "@end@"
 const val GLOBAL_METADATA_KEY = "@meta@"
+const val ERROR_BACKUP_CANCELLED: Int = BackupManager.ERROR_BACKUP_CANCELLED
+const val ERROR_BACKUP_NOT_ALLOWED: Int = BackupManager.ERROR_BACKUP_NOT_ALLOWED
 
 // TODO this doesn't work for LineageOS as they do public debug builds
 fun isDebugBuild() = Build.TYPE == "userdebug"
@@ -137,3 +219,16 @@ fun <T> permitDiskReads(func: () -> T): T {
         func()
     }
 }
+
+/**
+ * Hack to allow other profiles access to USB backend.
+ * @return the context of the device's main user, so use with great care!
+ */
+@Suppress("MissingPermission")
+fun Context.getStorageContext(isUsbStorage: () -> Boolean): Context {
+    if (checkSelfPermission(INTERACT_ACROSS_USERS_FULL) == PERMISSION_GRANTED && isUsbStorage()) {
+        UserManager.get(this).getProfileParent(user)
+            ?.let { parent -> return createContextAsUser(parent, 0) }
+    }
+    return this
+}

app/src/main/java/com/stevesoltys/seedvault/BackupMonitor.kt

@@ -1,22 +1,38 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault
 
 import android.app.backup.BackupManagerMonitor.EXTRA_LOG_EVENT_CATEGORY
 import android.app.backup.BackupManagerMonitor.EXTRA_LOG_EVENT_ID
 import android.app.backup.BackupManagerMonitor.EXTRA_LOG_EVENT_PACKAGE_NAME
+import android.app.backup.BackupManagerMonitor.EXTRA_LOG_PREFLIGHT_ERROR
+import android.app.backup.BackupManagerMonitor.LOG_EVENT_ID_ERROR_PREFLIGHT
 import android.app.backup.IBackupManagerMonitor
 import android.os.Bundle
 import android.util.Log
-import android.util.Log.DEBUG
 
 private val TAG = BackupMonitor::class.java.name
 
-class BackupMonitor : IBackupManagerMonitor.Stub() {
+open class BackupMonitor : IBackupManagerMonitor.Stub() {
 
     override fun onEvent(bundle: Bundle) {
-        if (!Log.isLoggable(TAG, DEBUG)) return
-        Log.d(TAG, "ID: " + bundle.getInt(EXTRA_LOG_EVENT_ID))
-        Log.d(TAG, "CATEGORY: " + bundle.getInt(EXTRA_LOG_EVENT_CATEGORY, -1))
-        Log.d(TAG, "PACKAGE: " + bundle.getString(EXTRA_LOG_EVENT_PACKAGE_NAME, "?"))
+        onEvent(
+            id = bundle.getInt(EXTRA_LOG_EVENT_ID),
+            category = bundle.getInt(EXTRA_LOG_EVENT_CATEGORY),
+            packageName = bundle.getString(EXTRA_LOG_EVENT_PACKAGE_NAME),
+            bundle = bundle,
+        )
+    }
+
+    open fun onEvent(id: Int, category: Int, packageName: String?, bundle: Bundle) {
+        Log.d(TAG, "${packageName?.padEnd(64, ' ')} cat: $category id: $id")
+        if (id == LOG_EVENT_ID_ERROR_PREFLIGHT) {
+            val preflightResult = bundle.getLong(EXTRA_LOG_PREFLIGHT_ERROR, -1)
+            Log.w(TAG, "Pre-flight error from $packageName: $preflightResult")
+        }
     }
 
 }

app/src/main/java/com/stevesoltys/seedvault/BackupStateManager.kt

@@ -0,0 +1,66 @@
+/*
+ * SPDX-FileCopyrightText: 2024 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault
+
+import android.content.Context
+import android.provider.Settings
+import android.provider.Settings.Secure.BACKUP_AUTO_RESTORE
+import android.provider.Settings.Secure.BACKUP_SCHEDULING_ENABLED
+import android.util.Log
+import androidx.work.WorkInfo.State.RUNNING
+import androidx.work.WorkManager
+import com.stevesoltys.seedvault.storage.StorageBackupService
+import com.stevesoltys.seedvault.transport.ConfigurableBackupTransportService
+import com.stevesoltys.seedvault.worker.AppBackupPruneWorker
+import com.stevesoltys.seedvault.worker.AppBackupWorker.Companion.UNIQUE_WORK_NAME
+import com.stevesoltys.seedvault.worker.AppCheckerWorker
+import kotlinx.coroutines.flow.Flow
+import kotlinx.coroutines.flow.combine
+
+private const val TAG = "BackupStateManager"
+
+class BackupStateManager(
+    context: Context,
+) {
+
+    private val workManager = WorkManager.getInstance(context)
+    private val contentResolver = context.contentResolver
+
+    val isBackupRunning: Flow<Boolean> = combine(
+        flow = ConfigurableBackupTransportService.isRunning,
+        flow2 = StorageBackupService.isRunning,
+        flow3 = workManager.getWorkInfosForUniqueWorkFlow(UNIQUE_WORK_NAME),
+    ) { appBackupRunning, filesBackupRunning, workInfo1 ->
+        val workInfoState1 = workInfo1.getOrNull(0)?.state
+        Log.i(
+            TAG, "appBackupRunning: $appBackupRunning, " +
+                "filesBackupRunning: $filesBackupRunning, " +
+                "appBackupWorker: ${workInfoState1?.name}"
+        )
+        appBackupRunning || filesBackupRunning || workInfoState1 == RUNNING
+    }
+
+    val isCheckOrPruneRunning: Flow<Boolean> = combine(
+        flow = workManager.getWorkInfosForUniqueWorkFlow(AppBackupPruneWorker.UNIQUE_WORK_NAME),
+        flow2 = workManager.getWorkInfosForUniqueWorkFlow(AppCheckerWorker.UNIQUE_WORK_NAME),
+    ) { pruneInfo, checkInfo ->
+        val pruneInfoState = pruneInfo.getOrNull(0)?.state
+        val checkInfoState = checkInfo.getOrNull(0)?.state
+        Log.i(
+            TAG,
+            "pruneBackupWorker: ${pruneInfoState?.name}, " +
+                "appCheckerWorker: ${checkInfoState?.name}"
+        )
+        pruneInfoState == RUNNING || checkInfoState == RUNNING
+    }
+
+    val isAutoRestoreEnabled: Boolean
+        get() = Settings.Secure.getInt(contentResolver, BACKUP_AUTO_RESTORE, 1) == 1
+
+    val isFrameworkSchedulingEnabled: Boolean
+        get() = Settings.Secure.getInt(contentResolver, BACKUP_SCHEDULING_ENABLED, 1) == 1
+
+}

app/src/main/java/com/stevesoltys/seedvault/Base64Utils.kt

@@ -1,3 +1,8 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault
 
 import java.nio.charset.Charset

app/src/main/java/com/stevesoltys/seedvault/Clock.kt

@@ -1,3 +1,8 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault
 
 /**

app/src/main/java/com/stevesoltys/seedvault/MemoryLogger.kt

@@ -0,0 +1,24 @@
+/*
+ * SPDX-FileCopyrightText: 2024 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault
+
+import android.util.Log
+
+object MemoryLogger {
+
+    fun log() {
+        Log.d("MemoryLogger", getMemStr())
+    }
+
+    fun getMemStr(): String {
+        val r = Runtime.getRuntime()
+        val total = r.totalMemory() / 1024 / 1024
+        val free = r.freeMemory() / 1024 / 1024
+        val max = r.maxMemory() / 1024 / 1024
+        val used = total - free
+        return "$free MiB free - $used of $total (max $max)"
+    }
+}

app/src/main/java/com/stevesoltys/seedvault/SecretCodeReceiver.kt

@@ -1,24 +0,0 @@
-package com.stevesoltys.seedvault
-
-import android.content.BroadcastReceiver
-import android.content.Context
-import android.content.Intent
-import android.content.Intent.FLAG_ACTIVITY_NEW_TASK
-import android.util.Log
-import com.stevesoltys.seedvault.restore.RestoreActivity
-
-private val TAG = BroadcastReceiver::class.java.simpleName
-private val RESTORE_SECRET_CODE = "7378673"
-
-class SecretCodeReceiver : BroadcastReceiver() {
-
-    override fun onReceive(context: Context, intent: Intent) {
-        val host = intent.data.host
-        if (!RESTORE_SECRET_CODE.equals(host)) return
-        Log.d(TAG, "Restore secret code received.")
-        val i = Intent(context, RestoreActivity::class.java).apply {
-            flags = FLAG_ACTIVITY_NEW_TASK
-        }
-        context.startActivity(i)
-    }
-}

app/src/main/java/com/stevesoltys/seedvault/UsbIntentReceiver.kt

@@ -1,5 +1,11 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault
 
+import android.app.backup.IBackupManager
 import android.content.BroadcastReceiver
 import android.content.Context
 import android.content.Intent
@@ -14,26 +20,20 @@ import android.os.Handler
 import android.os.Looper
 import android.provider.DocumentsContract
 import android.util.Log
-import androidx.core.content.ContextCompat.startForegroundService
-import com.stevesoltys.seedvault.metadata.MetadataManager
 import com.stevesoltys.seedvault.settings.FlashDrive
 import com.stevesoltys.seedvault.settings.SettingsManager
-import com.stevesoltys.seedvault.storage.StorageBackupService
-import com.stevesoltys.seedvault.storage.StorageBackupService.Companion.EXTRA_START_APP_BACKUP
-import com.stevesoltys.seedvault.transport.requestBackup
 import com.stevesoltys.seedvault.ui.storage.AUTHORITY_STORAGE
-import org.koin.core.context.KoinContextHandler.get
-import java.util.concurrent.TimeUnit.HOURS
+import com.stevesoltys.seedvault.worker.BackupRequester.Companion.requestFilesAndAppBackup
+import org.koin.core.context.GlobalContext.get
+import java.util.Date
 
 private val TAG = UsbIntentReceiver::class.java.simpleName
 
-private const val HOURS_AUTO_BACKUP: Long = 24
-
 class UsbIntentReceiver : UsbMonitor() {
 
     // using KoinComponent would crash robolectric tests :(
-    private val settingsManager: SettingsManager by lazy { get().get<SettingsManager>() }
-    private val metadataManager: MetadataManager by lazy { get().get<MetadataManager>() }
+    private val settingsManager: SettingsManager by lazy { get().get() }
+    private val backupManager: IBackupManager by lazy { get().get() }
 
     override fun shouldMonitorStatus(context: Context, action: String, device: UsbDevice): Boolean {
         if (action != ACTION_USB_DEVICE_ATTACHED) return false
@@ -42,12 +42,15 @@ class UsbIntentReceiver : UsbMonitor() {
         val attachedFlashDrive = FlashDrive.from(device)
         return if (savedFlashDrive == attachedFlashDrive) {
             Log.d(TAG, "Matches stored device, checking backup time...")
-            val backupMillis = System.currentTimeMillis() - metadataManager.getLastBackupTime()
-            if (backupMillis >= HOURS.toMillis(HOURS_AUTO_BACKUP)) {
-                Log.d(TAG, "Last backup older than 24 hours, requesting a backup...")
+            val lastBackupTime = settingsManager.lastBackupTime.value ?: 0
+            val backupMillis = System.currentTimeMillis() - lastBackupTime
+            if (backupMillis >= settingsManager.backupFrequencyInMillis) {
+                Log.d(TAG, "Last backup older than it should be, requesting a backup...")
+                Log.d(TAG, "  ${Date(lastBackupTime)}")
                 true
             } else {
                 Log.d(TAG, "We have a recent backup, not requesting a new one.")
+                Log.d(TAG, "  ${Date(lastBackupTime)}")
                 false
             }
         } else {
@@ -57,16 +60,7 @@ class UsbIntentReceiver : UsbMonitor() {
     }
 
     override fun onStatusChanged(context: Context, action: String, device: UsbDevice) {
-        if (settingsManager.isStorageBackupEnabled()) {
-            val i = Intent(context, StorageBackupService::class.java)
-            // this starts an app backup afterwards
-            i.putExtra(EXTRA_START_APP_BACKUP, true)
-            startForegroundService(context, i)
-        } else {
-            Thread {
-                requestBackup(context)
-            }.start()
-        }
+        requestFilesAndAppBackup(context, settingsManager, backupManager)
     }
 
 }
@@ -82,7 +76,7 @@ abstract class UsbMonitor : BroadcastReceiver() {
         if (intent.action == ACTION_USB_DEVICE_ATTACHED ||
             intent.action == ACTION_USB_DEVICE_DETACHED
         ) {
-            val device = intent.extras?.getParcelable<UsbDevice>(EXTRA_DEVICE) ?: return
+            val device = intent.extras?.getParcelable(EXTRA_DEVICE, UsbDevice::class.java) ?: return
             Log.d(TAG, "New USB mass-storage device attached.")
             device.log()
 

app/src/main/java/com/stevesoltys/seedvault/backend/BackendManager.kt

@@ -0,0 +1,144 @@
+/*
+ * SPDX-FileCopyrightText: 2024 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.backend
+
+import android.content.Context
+import android.util.Log
+import androidx.annotation.WorkerThread
+import com.stevesoltys.seedvault.getStorageContext
+import com.stevesoltys.seedvault.permitDiskReads
+import com.stevesoltys.seedvault.repo.BlobCache
+import com.stevesoltys.seedvault.settings.SettingsManager
+import com.stevesoltys.seedvault.settings.StoragePluginType
+import org.calyxos.seedvault.core.backends.Backend
+import org.calyxos.seedvault.core.backends.BackendFactory
+import org.calyxos.seedvault.core.backends.BackendProperties
+import org.calyxos.seedvault.core.backends.saf.SafBackend
+
+class BackendManager(
+    private val context: Context,
+    private val settingsManager: SettingsManager,
+    private val blobCache: BlobCache,
+    backendFactory: BackendFactory,
+) {
+
+    @Volatile
+    private var mBackend: Backend?
+
+    @Volatile
+    private var mBackendProperties: BackendProperties<*>?
+
+    val backend: Backend
+        @Synchronized
+        get() {
+            return mBackend ?: error("App plugin was loaded, but still null")
+        }
+
+    val backendProperties: BackendProperties<*>?
+        @Synchronized
+        get() {
+            return mBackendProperties
+        }
+    val isOnRemovableDrive: Boolean get() = backendProperties?.isUsb == true
+    val requiresNetwork: Boolean get() = backendProperties?.requiresNetwork == true
+
+    init {
+        when (settingsManager.storagePluginType) {
+            StoragePluginType.SAF -> {
+                val safConfig = settingsManager.getSafProperties() ?: error("No SAF storage saved")
+                mBackend = backendFactory.createSafBackend(safConfig)
+                mBackendProperties = safConfig
+            }
+
+            StoragePluginType.WEB_DAV -> {
+                val webDavProperties =
+                    settingsManager.webDavProperties ?: error("No WebDAV config saved")
+                mBackend = backendFactory.createWebDavBackend(webDavProperties.config)
+                mBackendProperties = webDavProperties
+            }
+
+            null -> {
+                mBackend = null
+                mBackendProperties = null
+            }
+        }
+    }
+
+    fun isValidAppPluginSet(): Boolean {
+        if (mBackend == null) return false
+        if (mBackend is SafBackend) {
+            val storage = settingsManager.getSafProperties() ?: return false
+            if (storage.isUsb) return true
+            return permitDiskReads {
+                storage.getDocumentFile(context).isDirectory
+            }
+        }
+        return true
+    }
+
+    /**
+     * Changes the storage plugins and current [BackendProperties].
+     *
+     * IMPORTANT: Do no call this while current plugins are being used,
+     *            e.g. while backup/restore operation is still running.
+     */
+    @WorkerThread
+    @Synchronized
+    fun <T> changePlugins(
+        backend: Backend,
+        storageProperties: BackendProperties<T>,
+    ) {
+        settingsManager.setStorageBackend(backend)
+        mBackend = backend
+        mBackendProperties = storageProperties
+        blobCache.clearLocalCache()
+        // TODO not critical, but nice to have: clear also local snapshot cache
+    }
+
+    /**
+     * Check if we are able to do backups now by examining possible pre-conditions
+     * such as plugged-in flash drive or internet access.
+     *
+     * Should be run off the UI thread (ideally I/O) because of disk access.
+     *
+     * @return true if a backup is possible, false if not.
+     */
+    @WorkerThread
+    fun canDoBackupNow(): Boolean {
+        val storage = backendProperties ?: return false
+        return !isOnUnavailableUsb() &&
+            !storage.isUnavailableNetwork(context, settingsManager.useMeteredNetwork)
+    }
+
+    /**
+     * Checks if storage is on a flash drive.
+     *
+     * Should be run off the UI thread (ideally I/O) because of disk access.
+     *
+     * @return true if flash drive is not plugged in,
+     * false if storage isn't on flash drive or it isn't plugged in.
+     */
+    @WorkerThread
+    fun isOnUnavailableUsb(): Boolean {
+        val storage = backendProperties ?: return false
+        val systemContext = context.getStorageContext { storage.isUsb }
+        return storage.isUnavailableUsb(systemContext)
+    }
+
+    /**
+     * Retrieves the amount of free space in bytes, or null if unknown.
+     */
+    @WorkerThread
+    suspend fun getFreeSpace(): Long? {
+        return try {
+            backend.getFreeSpace()
+        } catch (e: Throwable) { // NoClassDefFound isn't an [Exception], can get thrown by dav4jvm
+            Log.e("StoragePluginManager", "Error getting free space: ", e)
+            null
+        }
+    }
+
+}

app/src/main/java/com/stevesoltys/seedvault/backend/LegacyStoragePlugin.kt

@@ -1,10 +1,16 @@
-package com.stevesoltys.seedvault.transport.restore
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.backend
 
 import android.content.pm.PackageInfo
 import java.io.IOException
 import java.io.InputStream
 
-interface KVRestorePlugin {
+@Deprecated("Only for old v0 backup format")
+interface LegacyStoragePlugin {
 
     /**
      * Return true if there is data stored for the given package.
@@ -33,7 +39,22 @@ interface KVRestorePlugin {
     suspend fun getInputStreamForRecord(
         token: Long,
         packageInfo: PackageInfo,
-        key: String
+        key: String,
     ): InputStream
 
+    /**
+     * Return true if there is data stored for the given package.
+     */
+    @Throws(IOException::class)
+    suspend fun hasDataForFullPackage(token: Long, packageInfo: PackageInfo): Boolean
+
+    @Throws(IOException::class)
+    suspend fun getInputStreamForPackage(token: Long, packageInfo: PackageInfo): InputStream
+
+    /**
+     * Returns an [InputStream] for the given token, for reading an APK that is to be restored.
+     */
+    @Throws(IOException::class)
+    suspend fun getApkInputStream(token: Long, packageName: String, suffix: String): InputStream
+
 }

app/src/main/java/com/stevesoltys/seedvault/backend/saf/DocumentsProviderLegacyPlugin.kt

@@ -1,18 +1,27 @@
-package com.stevesoltys.seedvault.plugins.saf
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.backend.saf
 
 import android.content.Context
 import android.content.pm.PackageInfo
+import androidx.annotation.WorkerThread
 import androidx.documentfile.provider.DocumentFile
-import com.stevesoltys.seedvault.transport.restore.KVRestorePlugin
+import com.stevesoltys.seedvault.backend.LegacyStoragePlugin
+import java.io.FileNotFoundException
 import java.io.IOException
 import java.io.InputStream
 
-@Suppress("BlockingMethodInNonBlockingContext")
-internal class DocumentsProviderKVRestorePlugin(
+@WorkerThread
+@Suppress("Deprecation")
+internal class DocumentsProviderLegacyPlugin(
     private val context: Context,
-    private val storage: DocumentsStorage
-) : KVRestorePlugin {
+    private val storageGetter: () -> DocumentsStorage,
+) : LegacyStoragePlugin {
 
+    private val storage get() = storageGetter()
     private var packageDir: DocumentFile? = null
     private var packageChildren: List<DocumentFile>? = null
 
@@ -47,7 +56,7 @@ internal class DocumentsProviderKVRestorePlugin(
     override suspend fun getInputStreamForRecord(
         token: Long,
         packageInfo: PackageInfo,
-        key: String
+        key: String,
     ): InputStream {
         val packageDir = this.packageDir
             ?: throw AssertionError("No cached packageDir for ${packageInfo.packageName}")
@@ -58,4 +67,33 @@ internal class DocumentsProviderKVRestorePlugin(
         return storage.getInputStream(keyFile)
     }
 
+    @Throws(IOException::class)
+    override suspend fun hasDataForFullPackage(token: Long, packageInfo: PackageInfo): Boolean {
+        val backupDir = storage.getFullBackupDir(token) ?: return false
+        return backupDir.findFileBlocking(context, packageInfo.packageName) != null
+    }
+
+    @Throws(IOException::class)
+    override suspend fun getInputStreamForPackage(
+        token: Long,
+        packageInfo: PackageInfo,
+    ): InputStream {
+        val backupDir = storage.getFullBackupDir(token) ?: throw IOException()
+        val packageFile =
+            backupDir.findFileBlocking(context, packageInfo.packageName) ?: throw IOException()
+        return storage.getInputStream(packageFile)
+    }
+
+    @Throws(IOException::class)
+    override suspend fun getApkInputStream(
+        token: Long,
+        packageName: String,
+        suffix: String,
+    ): InputStream {
+        val setDir = storage.getSetDir(token) ?: throw IOException()
+        val file = setDir.findFileBlocking(context, "$packageName$suffix.apk")
+            ?: throw FileNotFoundException()
+        return storage.getInputStream(file)
+    }
+
 }

app/src/main/java/com/stevesoltys/seedvault/backend/saf/DocumentsProviderModule.kt

@@ -0,0 +1,27 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.backend.saf
+
+import com.stevesoltys.seedvault.backend.LegacyStoragePlugin
+import com.stevesoltys.seedvault.settings.SettingsManager
+import org.koin.android.ext.koin.androidContext
+import org.koin.dsl.module
+
+val storagePluginModuleSaf = module {
+    single { SafHandler(androidContext(), get(), get(), get()) }
+
+    @Suppress("Deprecation")
+    single<LegacyStoragePlugin> {
+        DocumentsProviderLegacyPlugin(
+            context = androidContext(),
+            storageGetter = {
+                val safProperties = get<SettingsManager>().getSafProperties()
+                    ?: error("No SAF storage")
+                DocumentsStorage(androidContext(), safProperties)
+            },
+        )
+    }
+}

app/src/main/java/com/stevesoltys/seedvault/backend/saf/DocumentsStorage.kt

@@ -0,0 +1,204 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.backend.saf
+
+import android.content.ContentResolver
+import android.content.Context
+import android.content.pm.PackageInfo
+import android.database.ContentObserver
+import android.database.Cursor
+import android.net.Uri
+import android.provider.DocumentsContract.Document.COLUMN_DOCUMENT_ID
+import android.provider.DocumentsContract.EXTRA_LOADING
+import android.provider.DocumentsContract.buildChildDocumentsUriUsingTree
+import android.provider.DocumentsContract.buildDocumentUriUsingTree
+import android.provider.DocumentsContract.getDocumentId
+import android.util.Log
+import androidx.annotation.VisibleForTesting
+import androidx.documentfile.provider.DocumentFile
+import com.stevesoltys.seedvault.getStorageContext
+import kotlinx.coroutines.TimeoutCancellationException
+import kotlinx.coroutines.runBlocking
+import kotlinx.coroutines.suspendCancellableCoroutine
+import kotlinx.coroutines.withTimeout
+import org.calyxos.seedvault.core.backends.Constants.DIRECTORY_ROOT
+import org.calyxos.seedvault.core.backends.saf.SafProperties
+import org.calyxos.seedvault.core.backends.saf.getTreeDocumentFile
+import java.io.IOException
+import java.io.InputStream
+import kotlin.coroutines.resume
+
+@Deprecated("")
+const val DIRECTORY_FULL_BACKUP = "full"
+
+@Deprecated("")
+const val DIRECTORY_KEY_VALUE_BACKUP = "kv"
+
+private val TAG = DocumentsStorage::class.java.simpleName
+
+internal class DocumentsStorage(
+    private val appContext: Context,
+    internal val safStorage: SafProperties,
+) {
+
+    /**
+     * Attention: This context might be from a different user. Use with care.
+     */
+    private val context: Context get() = appContext.getStorageContext { safStorage.isUsb }
+    private val contentResolver: ContentResolver get() = context.contentResolver
+
+    private var rootBackupDir: DocumentFile? = null
+        get() = runBlocking {
+            if (field == null) {
+                val parent = safStorage.getDocumentFile(context)
+                field = try {
+                    parent.createOrGetDirectory(context, DIRECTORY_ROOT)
+                } catch (e: IOException) {
+                    Log.e(TAG, "Error creating root backup dir.", e)
+                    null
+                }
+            }
+            field
+        }
+
+    @Throws(IOException::class)
+    suspend fun getSetDir(token: Long): DocumentFile? {
+        return rootBackupDir?.findFileBlocking(context, token.toString())
+    }
+
+    @Throws(IOException::class)
+    @Suppress("Deprecation")
+    @Deprecated("Use only for v0 restore")
+    suspend fun getKVBackupDir(token: Long): DocumentFile? {
+        return getSetDir(token)?.findFileBlocking(context, DIRECTORY_KEY_VALUE_BACKUP)
+    }
+
+    @Throws(IOException::class)
+    @Suppress("Deprecation")
+    @Deprecated("Use only for v0 restore")
+    suspend fun getFullBackupDir(token: Long): DocumentFile? {
+        return getSetDir(token)?.findFileBlocking(context, DIRECTORY_FULL_BACKUP)
+    }
+
+    @Throws(IOException::class)
+    fun getInputStream(file: DocumentFile): InputStream {
+        return try {
+            contentResolver.openInputStream(file.uri) ?: throw IOException()
+        } catch (e: Exception) {
+            // SAF can throw all sorts of exceptions, so wrap it in IOException
+            throw IOException(e)
+        }
+    }
+
+}
+
+/**
+ * Checks if a directory already exists and if not, creates it.
+ */
+@Throws(IOException::class)
+suspend fun DocumentFile.createOrGetDirectory(context: Context, name: String): DocumentFile {
+    return findFileBlocking(context, name) ?: createDirectory(name)?.apply {
+        if (this.name != name) {
+            throw IOException("Directory named ${this.name}, but should be $name")
+        }
+    } ?: throw IOException()
+}
+
+fun DocumentFile.assertRightFile(packageInfo: PackageInfo) {
+    if (name != packageInfo.packageName) {
+        throw AssertionError("Expected ${packageInfo.packageName}, but got $name")
+    }
+}
+
+/**
+ * Works like [DocumentFile.listFiles] except that it waits until the DocumentProvider has a result.
+ * This prevents getting an empty list even though there are children to be listed.
+ */
+@Throws(IOException::class)
+suspend fun DocumentFile.listFilesBlocking(context: Context): List<DocumentFile> {
+    val resolver = context.contentResolver
+    val childrenUri = buildChildDocumentsUriUsingTree(uri, getDocumentId(uri))
+    val projection = arrayOf(COLUMN_DOCUMENT_ID)
+    val result = ArrayList<DocumentFile>()
+
+    try {
+        getLoadedCursor {
+            resolver.query(childrenUri, projection, null, null, null)
+        }
+    } catch (e: TimeoutCancellationException) {
+        throw IOException(e)
+    }.use { cursor ->
+        while (cursor.moveToNext()) {
+            val documentId = cursor.getString(0)
+            val documentUri = buildDocumentUriUsingTree(uri, documentId)
+            result.add(getTreeDocumentFile(this, context, documentUri))
+        }
+    }
+    return result
+}
+
+/**
+ * Same as [DocumentFile.findFile] only that it re-queries when the first result was stale.
+ *
+ * Most documents providers including Nextcloud are listing the full directory content
+ * when querying for a specific file in a directory,
+ * so there is no point in trying to optimize the query by not listing all children.
+ */
+suspend fun DocumentFile.findFileBlocking(context: Context, displayName: String): DocumentFile? {
+    val files = try {
+        listFilesBlocking(context)
+    } catch (e: Exception) {
+        Log.e(TAG, "Error finding file blocking", e)
+        return null
+    }
+    for (doc in files) {
+        if (displayName == doc.name) return doc
+    }
+    return null
+}
+
+/**
+ * Returns a cursor for the given query while ensuring that the cursor was loaded.
+ *
+ * When the SAF backend is a cloud storage provider (e.g. Nextcloud),
+ * it can happen that the query returns an outdated (e.g. empty) cursor
+ * which will only be updated in response to this query.
+ *
+ * See: https://commonsware.com/blog/2019/12/14/scoped-storage-stories-listfiles-woe.html
+ *
+ * This method uses a [suspendCancellableCoroutine] to wait for the result of a [ContentObserver]
+ * registered on the cursor in case the cursor is still loading ([EXTRA_LOADING]).
+ * If the cursor is not loading, it will be returned right away.
+ *
+ * @param timeout an optional time-out in milliseconds
+ * @throws TimeoutCancellationException if there was no result before the time-out
+ * @throws IOException if the query returns null
+ */
+@VisibleForTesting
+@Throws(IOException::class, TimeoutCancellationException::class)
+internal suspend fun getLoadedCursor(timeout: Long = 15_000, query: () -> Cursor?) =
+    withTimeout(timeout) {
+        suspendCancellableCoroutine { cont ->
+            val cursor = query() ?: throw IOException()
+            cont.invokeOnCancellation { cursor.close() }
+            val loading = cursor.extras.getBoolean(EXTRA_LOADING, false)
+            if (loading) {
+                Log.d(TAG, "Wait for children to get loaded...")
+                cursor.registerContentObserver(object : ContentObserver(null) {
+                    override fun onChange(selfChange: Boolean, uri: Uri?) {
+                        Log.d(TAG, "Children loaded. Continue...")
+                        cursor.close()
+                        val newCursor = query()
+                        if (newCursor == null) cont.cancel(IOException("query returned no results"))
+                        else cont.resume(newCursor)
+                    }
+                })
+            } else {
+                // not loading, return cursor right away
+                cont.resume(cursor)
+            }
+        }
+    }

app/src/main/java/com/stevesoltys/seedvault/backend/saf/SafHandler.kt

@@ -0,0 +1,100 @@
+/*
+ * SPDX-FileCopyrightText: 2024 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.backend.saf
+
+import android.content.Context
+import android.content.Context.USB_SERVICE
+import android.content.Intent.FLAG_GRANT_READ_URI_PERMISSION
+import android.content.Intent.FLAG_GRANT_WRITE_URI_PERMISSION
+import android.hardware.usb.UsbManager
+import android.net.Uri
+import android.util.Log
+import androidx.annotation.WorkerThread
+import com.stevesoltys.seedvault.R
+import com.stevesoltys.seedvault.backend.BackendManager
+import com.stevesoltys.seedvault.isMassStorage
+import com.stevesoltys.seedvault.settings.FlashDrive
+import com.stevesoltys.seedvault.settings.SettingsManager
+import com.stevesoltys.seedvault.ui.storage.StorageOption
+import org.calyxos.seedvault.core.backends.BackendFactory
+import org.calyxos.seedvault.core.backends.saf.SafProperties
+import java.io.IOException
+
+private const val TAG = "SafHandler"
+
+internal class SafHandler(
+    private val context: Context,
+    private val backendFactory: BackendFactory,
+    private val settingsManager: SettingsManager,
+    private val backendManager: BackendManager,
+) {
+
+    fun onConfigReceived(uri: Uri, safOption: StorageOption.SafOption): SafProperties {
+        // persist permission to access backup folder across reboots
+        val takeFlags = FLAG_GRANT_READ_URI_PERMISSION or FLAG_GRANT_WRITE_URI_PERMISSION
+        context.contentResolver.takePersistableUriPermission(uri, takeFlags)
+
+        return SafProperties(
+            config = uri,
+            name = if (safOption.isInternal()) {
+                val brackets = context.getString(R.string.settings_backup_location_internal)
+                "${safOption.title} ($brackets)"
+            } else {
+                safOption.title
+            },
+            isUsb = safOption.isUsb,
+            requiresNetwork = safOption.requiresNetwork,
+            rootId = safOption.rootId,
+        )
+    }
+
+    /**
+     * Searches if there's really an app backup available in the given storage location.
+     * Returns true if at least one was found and false otherwise.
+     */
+    @WorkerThread
+    @Throws(IOException::class)
+    suspend fun hasAppBackup(safProperties: SafProperties): Boolean {
+        val backend = backendFactory.createSafBackend(safProperties)
+        return backend.getAvailableBackupFileHandles().isNotEmpty()
+    }
+
+    fun save(safProperties: SafProperties) {
+        settingsManager.setSafProperties(safProperties)
+
+        if (safProperties.isUsb) {
+            Log.d(TAG, "Selected storage is a removable USB device.")
+            val wasSaved = saveUsbDevice()
+            // reset stored flash drive, if we did not update it
+            if (!wasSaved) settingsManager.setFlashDrive(null)
+        } else {
+            settingsManager.setFlashDrive(null)
+        }
+        Log.d(TAG, "New storage location saved: ${safProperties.uri}")
+    }
+
+    private fun saveUsbDevice(): Boolean {
+        val manager = context.getSystemService(USB_SERVICE) as UsbManager
+        manager.deviceList.values.forEach { device ->
+            if (device.isMassStorage()) {
+                val flashDrive = FlashDrive.from(device)
+                settingsManager.setFlashDrive(flashDrive)
+                Log.d(TAG, "Saved flash drive: $flashDrive")
+                return true
+            }
+        }
+        Log.e(TAG, "No USB device found even though we were expecting one.")
+        return false
+    }
+
+    @WorkerThread
+    fun setPlugin(safProperties: SafProperties) {
+        backendManager.changePlugins(
+            backend = backendFactory.createSafBackend(safProperties),
+            storageProperties = safProperties,
+        )
+    }
+}

app/src/main/java/com/stevesoltys/seedvault/backend/saf/SafStorageOptions.kt

@@ -0,0 +1,234 @@
+/*
+ * SPDX-FileCopyrightText: 2024 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.backend.saf
+
+import android.content.Context
+import android.content.Intent
+import android.content.Intent.ACTION_VIEW
+import android.content.Intent.FLAG_ACTIVITY_NEW_TASK
+import android.net.Uri
+import android.provider.DocumentsContract
+import android.provider.DocumentsContract.Document.COLUMN_DISPLAY_NAME
+import android.provider.DocumentsContract.Document.COLUMN_DOCUMENT_ID
+import com.stevesoltys.seedvault.R
+import com.stevesoltys.seedvault.backend.saf.StorageRootResolver.getIcon
+import com.stevesoltys.seedvault.ui.storage.AUTHORITY_DAVX5
+import com.stevesoltys.seedvault.ui.storage.AUTHORITY_NEXTCLOUD
+import com.stevesoltys.seedvault.ui.storage.AUTHORITY_ROUND_SYNC
+import com.stevesoltys.seedvault.ui.storage.AUTHORITY_STORAGE
+import com.stevesoltys.seedvault.ui.storage.StorageOption
+import com.stevesoltys.seedvault.ui.storage.StorageOption.SafOption
+
+private const val DAVX5_PACKAGE = "at.bitfire.davdroid"
+private const val DAVX5_ACTIVITY = "at.bitfire.davdroid.ui.webdav.WebdavMountsActivity"
+private const val NEXTCLOUD_PACKAGE = "com.nextcloud.client"
+private const val NEXTCLOUD_ACTIVITY = "com.owncloud.android.authentication.AuthenticatorActivity"
+
+/**
+ * A class for storage option placeholders that need to be shown under certain circumstances.
+ * E.g. a way to install an app when needed for restore.
+ */
+internal class SafStorageOptions(
+    private val context: Context,
+    private val isRestore: Boolean,
+    private val whitelistedAuthorities: Array<String>,
+) {
+
+    private val packageManager = context.packageManager
+
+    internal fun checkOrAddExtraRoots(roots: ArrayList<StorageOption>) {
+        checkOrAddUsbRoot(roots)
+        checkOrAddDavX5Root(roots)
+        checkOrAddNextCloudRoot(roots)
+        checkOrAddRoundSyncRoots(roots)
+    }
+
+    private fun checkOrAddUsbRoot(roots: ArrayList<StorageOption>) {
+        if (doNotInclude(AUTHORITY_STORAGE, roots) { it is SafOption && it.isUsb }) return
+
+        val root = SafOption(
+            authority = AUTHORITY_STORAGE,
+            rootId = "usb",
+            documentId = "fake",
+            icon = getIcon(context, AUTHORITY_STORAGE, "usb", 0),
+            title = context.getString(R.string.storage_fake_drive_title),
+            summary = context.getString(R.string.storage_fake_drive_summary),
+            availableBytes = null,
+            isUsb = true,
+            requiresNetwork = false,
+            enabled = false
+        )
+        roots.add(root)
+    }
+
+    /**
+     * Add a storage root for each child directory at the RoundSync root, if it exists.
+     */
+    private fun checkOrAddRoundSyncRoots(roots: ArrayList<StorageOption>) {
+
+        val roundSyncRoot = roots.firstOrNull {
+            it is SafOption && it.authority == AUTHORITY_ROUND_SYNC
+        } as? SafOption ?: return
+
+        roots.remove(roundSyncRoot)
+
+        val childrenUri = DocumentsContract.buildChildDocumentsUriUsingTree(
+            roundSyncRoot.uri, roundSyncRoot.documentId
+        )
+        val projection = arrayOf(COLUMN_DISPLAY_NAME, COLUMN_DOCUMENT_ID)
+        val cursor = context.contentResolver.query(childrenUri, projection, null, null, null)
+
+        cursor?.use {
+            val nameIndex = cursor.getColumnIndex(COLUMN_DISPLAY_NAME)
+            val documentIdIndex = cursor.getColumnIndex(COLUMN_DOCUMENT_ID)
+
+            while (cursor.moveToNext()) {
+                val name = cursor.getString(nameIndex)
+                val documentId = cursor.getString(documentIdIndex)
+
+                val childRoot = SafOption(
+                    authority = AUTHORITY_ROUND_SYNC,
+                    rootId = name,
+                    documentId = documentId,
+                    icon = getIcon(context, AUTHORITY_ROUND_SYNC, name, 0),
+                    title = name,
+                    summary = context.getString(R.string.storage_round_sync_summary_prefix) + name,
+                    availableBytes = null,
+                    isUsb = false,
+                    requiresNetwork = true,
+                    enabled = true
+                )
+
+                roots.add(childRoot)
+            }
+        }
+    }
+
+    /**
+     * This adds a fake Dav X5 entry if no real one was found.
+     *
+     * If Dav X5 is *not* installed,
+     * the user will always have the option to install it by clicking the entry.
+     *
+     * If it *is* installed and this is restore, the user can set up a new account by clicking.
+     */
+    private fun checkOrAddDavX5Root(roots: ArrayList<StorageOption>) {
+        if (doNotInclude(AUTHORITY_DAVX5, roots)) return
+
+        val intent = Intent().apply {
+            addFlags(FLAG_ACTIVITY_NEW_TASK)
+            setClassName(DAVX5_PACKAGE, DAVX5_ACTIVITY)
+        }
+        val marketIntent =
+            Intent(ACTION_VIEW, Uri.parse("market://details?id=$DAVX5_PACKAGE")).apply {
+                addFlags(FLAG_ACTIVITY_NEW_TASK)
+            }
+        val isInstalled = packageManager.resolveActivity(intent, 0) != null
+        val canInstall = packageManager.resolveActivity(marketIntent, 0) != null
+        val summaryRes = if (isInstalled) {
+            if (isRestore) R.string.storage_fake_davx5_summary_installed
+            else R.string.storage_fake_davx5_summary_unavailable
+        } else {
+            if (canInstall) R.string.storage_fake_davx5_summary
+            else R.string.storage_fake_davx5_summary_unavailable_market
+        }
+        val root = SafOption(
+            authority = AUTHORITY_DAVX5,
+            rootId = "fake",
+            documentId = "fake",
+            icon = getIcon(context, AUTHORITY_DAVX5, "fake", 0),
+            title = context.getString(R.string.storage_fake_davx5_title),
+            summary = context.getString(summaryRes),
+            availableBytes = null,
+            isUsb = false,
+            requiresNetwork = true,
+            enabled = isInstalled || canInstall,
+            nonDefaultAction = {
+                if (isInstalled) context.startActivity(intent)
+                else if (canInstall) context.startActivity(marketIntent)
+            }
+        )
+        roots.add(root)
+    }
+
+    /**
+     * This adds a fake Nextcloud entry if no real one was found.
+     *
+     * If Nextcloud is *not* installed,
+     * the user will always have the option to install it by clicking the entry.
+     *
+     * If it *is* installed and this is restore, the user can set up a new account by clicking.
+     * FIXME: If this isn't restore, the entry should be disabled,
+     *  because we don't know if there's just no account or an activated passcode
+     *  (which hides existing accounts).
+     */
+    private fun checkOrAddNextCloudRoot(roots: ArrayList<StorageOption>) {
+        if (doNotInclude(AUTHORITY_NEXTCLOUD, roots)) return
+
+        val intent = Intent().apply {
+            addFlags(FLAG_ACTIVITY_NEW_TASK)
+            setClassName(NEXTCLOUD_PACKAGE, NEXTCLOUD_ACTIVITY)
+            // setting a nc:// Uri prevents FirstRunActivity to show
+            data = Uri.parse("nc://login/server:")
+            putExtra("onlyAdd", true)
+        }
+        val marketIntent =
+            Intent(ACTION_VIEW, Uri.parse("market://details?id=$NEXTCLOUD_PACKAGE")).apply {
+                addFlags(FLAG_ACTIVITY_NEW_TASK)
+            }
+        val isInstalled = packageManager.resolveActivity(intent, 0) != null
+        val canInstall = packageManager.resolveActivity(marketIntent, 0) != null
+        val summaryRes = if (isInstalled) {
+            if (isRestore) R.string.storage_fake_nextcloud_summary_installed
+            else R.string.storage_fake_nextcloud_summary_unavailable
+        } else {
+            if (canInstall) R.string.storage_fake_nextcloud_summary
+            else R.string.storage_fake_nextcloud_summary_unavailable_market
+        }
+        val root = SafOption(
+            authority = AUTHORITY_NEXTCLOUD,
+            rootId = "fake",
+            documentId = "fake",
+            icon = getIcon(context, AUTHORITY_NEXTCLOUD, "fake", 0),
+            title = context.getString(
+                R.string.storage_not_recommended,
+                context.getString(R.string.storage_fake_nextcloud_title)
+            ),
+            summary = context.getString(summaryRes),
+            availableBytes = null,
+            isUsb = false,
+            requiresNetwork = true,
+            enabled = isInstalled || canInstall,
+            nonDefaultAction = {
+                if (isInstalled) context.startActivity(intent)
+                else if (canInstall) context.startActivity(marketIntent)
+            }
+        )
+        roots.add(root)
+    }
+
+    private fun doNotInclude(
+        authority: String,
+        roots: ArrayList<StorageOption>,
+        doNotIncludeIfTrue: ((StorageOption) -> Boolean)? = null,
+    ): Boolean {
+        if (!isAuthoritySupported(authority)) return true
+        for (root in roots) {
+            if (root !is SafOption) continue
+            if (root.authority == authority && doNotIncludeIfTrue?.invoke(root) != false) {
+                return true
+            }
+        }
+        return false
+    }
+
+    private fun isAuthoritySupported(authority: String): Boolean {
+        // just restrict where to store backups,
+        // restoring can be more free for forward compatibility
+        return isRestore || whitelistedAuthorities.contains(authority)
+    }
+
+}

app/src/main/java/com/stevesoltys/seedvault/backend/saf/StorageRootResolver.kt

@@ -0,0 +1,179 @@
+/*
+ * SPDX-FileCopyrightText: 2024 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.backend.saf
+
+import android.Manifest.permission.MANAGE_DOCUMENTS
+import android.content.Context
+import android.database.Cursor
+import android.graphics.drawable.Drawable
+import android.net.Uri
+import android.os.Environment
+import android.os.StatFs
+import android.os.UserHandle
+import android.provider.DocumentsContract
+import android.provider.DocumentsContract.Root.COLUMN_AVAILABLE_BYTES
+import android.provider.DocumentsContract.Root.COLUMN_DOCUMENT_ID
+import android.provider.DocumentsContract.Root.COLUMN_FLAGS
+import android.provider.DocumentsContract.Root.COLUMN_ICON
+import android.provider.DocumentsContract.Root.COLUMN_ROOT_ID
+import android.provider.DocumentsContract.Root.COLUMN_SUMMARY
+import android.provider.DocumentsContract.Root.COLUMN_TITLE
+import android.provider.DocumentsContract.Root.FLAG_LOCAL_ONLY
+import android.provider.DocumentsContract.Root.FLAG_REMOVABLE_USB
+import android.provider.DocumentsContract.Root.FLAG_SUPPORTS_CREATE
+import android.provider.DocumentsContract.Root.FLAG_SUPPORTS_IS_CHILD
+import android.util.Log
+import androidx.appcompat.content.res.AppCompatResources.getDrawable
+import com.stevesoltys.seedvault.R
+import com.stevesoltys.seedvault.getStorageContext
+import com.stevesoltys.seedvault.ui.storage.AUTHORITY_DAVX5
+import com.stevesoltys.seedvault.ui.storage.AUTHORITY_DOWNLOADS
+import com.stevesoltys.seedvault.ui.storage.AUTHORITY_NEXTCLOUD
+import com.stevesoltys.seedvault.ui.storage.AUTHORITY_ROUND_SYNC
+import com.stevesoltys.seedvault.ui.storage.AUTHORITY_STORAGE
+import com.stevesoltys.seedvault.ui.storage.ROOT_ID_DEVICE
+import com.stevesoltys.seedvault.ui.storage.ROOT_ID_HOME
+import com.stevesoltys.seedvault.ui.storage.StorageOption.SafOption
+
+internal object StorageRootResolver {
+
+    private val TAG = StorageRootResolver::class.java.simpleName
+
+    fun getStorageRoots(context: Context, authority: String): List<SafOption> {
+        val roots = ArrayList<SafOption>()
+        val rootsUri = DocumentsContract.buildRootsUri(authority)
+
+        try {
+            context.contentResolver.query(rootsUri, null, null, null, null)?.use { cursor ->
+                while (cursor.moveToNext()) {
+                    val root = getStorageRoot(context, authority, cursor)
+                    if (root != null) roots.add(root)
+                }
+            }
+            // add special system user roots for USB devices
+            val c = context.getStorageContext {
+                authority == AUTHORITY_STORAGE && UserHandle.myUserId() != UserHandle.USER_SYSTEM
+            }
+            // only proceed if we really got a different [Context], e.g. had permission for it
+            if (context !== c) {
+                c.contentResolver.query(rootsUri, null, null, null, null)?.use { cursor ->
+                    while (cursor.moveToNext()) {
+                        // Pass in [context] since it is used to query package manager for app icons
+                        val root = getStorageRoot(context, authority, cursor)
+                        // only add USB storage from system user, no others
+                        if (root != null && root.isUsb) roots.add(root)
+                    }
+                }
+            }
+        } catch (e: Exception) {
+            Log.w(TAG, "Failed to load some roots from $authority", e)
+        }
+        return roots
+    }
+
+    /**
+     * Used for getting a SafOption when we lack [MANAGE_DOCUMENTS],
+     * since we are not allowed to use [getStorageRoots] in this case.
+     */
+    fun getFakeStorageRootForUri(context: Context, uri: Uri): SafOption {
+        val authority = uri.authority ?: throw AssertionError("No authority in $uri")
+        return SafOption(
+            authority = authority,
+            rootId = ROOT_ID_DEVICE,
+            documentId = DocumentsContract.getTreeDocumentId(uri),
+            icon = getIcon(context, authority, ROOT_ID_DEVICE, 0),
+            title = context.getString(R.string.storage_user_selected_location_title),
+            summary = "Please open a bug if you see this",
+            availableBytes = null,
+            isUsb = false, // FIXME not supported without MANAGE_DOCUMENTS permission
+            requiresNetwork = authority != AUTHORITY_STORAGE && authority != AUTHORITY_DOWNLOADS,
+        )
+    }
+
+    private fun getStorageRoot(context: Context, authority: String, cursor: Cursor): SafOption? {
+        val flags = cursor.getInt(COLUMN_FLAGS)
+        val supportsCreate = flags and FLAG_SUPPORTS_CREATE != 0
+        val supportsIsChild = flags and FLAG_SUPPORTS_IS_CHILD != 0
+        if (!supportsCreate || !supportsIsChild) return null
+        val rootId = cursor.getString(COLUMN_ROOT_ID)!!
+        if (authority == AUTHORITY_STORAGE && rootId == ROOT_ID_HOME) return null
+        val documentId = cursor.getString(COLUMN_DOCUMENT_ID) ?: return null
+        val isUsb = flags and FLAG_REMOVABLE_USB != 0
+        return SafOption(
+            authority = authority,
+            rootId = rootId,
+            documentId = documentId,
+            icon = getIcon(context, authority, rootId, cursor.getInt(COLUMN_ICON)),
+            title = cursor.getString(COLUMN_TITLE)!!,
+            summary = cursor.getString(COLUMN_SUMMARY),
+            availableBytes = cursor.getInt(COLUMN_AVAILABLE_BYTES).let { bytes ->
+                // AOSP 11+ reports -1 instead of null
+                if (bytes == -1) {
+                    try {
+                        if (isUsb) {
+                            StatFs("/mnt/media_rw/${documentId.trimEnd(':')}").availableBytes
+                        } else if (authority == AUTHORITY_STORAGE && rootId == ROOT_ID_DEVICE) {
+                            StatFs(Environment.getDataDirectory().absolutePath).availableBytes
+                        } else null
+                    } catch (e: Exception) {
+                        Log.e(TAG, "Error getting available bytes for $rootId ", e)
+                        null
+                    }
+                } else bytes.toLong()
+            },
+            isUsb = isUsb,
+            requiresNetwork = flags and FLAG_LOCAL_ONLY == 0 // not local only == requires network
+        )
+    }
+
+    private fun Cursor.getString(columnName: String): String? {
+        val index = getColumnIndex(columnName)
+        return if (index != -1) getString(index) else null
+    }
+
+    private fun Cursor.getInt(columnName: String): Int {
+        val index = getColumnIndex(columnName)
+        return if (index != -1) getInt(index) else 0
+    }
+
+    fun getIcon(context: Context, authority: String, rootId: String, icon: Int): Drawable? {
+        return getPackageIcon(context, authority, icon) ?: when {
+            authority == AUTHORITY_STORAGE && rootId == ROOT_ID_DEVICE -> {
+                getDrawable(context, R.drawable.ic_phone_android)
+            }
+
+            authority == AUTHORITY_STORAGE && rootId != ROOT_ID_HOME -> {
+                getDrawable(context, R.drawable.ic_usb)
+            }
+
+            authority == AUTHORITY_NEXTCLOUD -> {
+                getDrawable(context, R.drawable.nextcloud)
+            }
+
+            authority == AUTHORITY_DAVX5 -> {
+                getDrawable(context, R.drawable.davx5)
+            }
+
+            authority == AUTHORITY_ROUND_SYNC -> {
+                getDrawable(context, R.drawable.round_sync)
+            }
+
+            else -> null
+        }
+    }
+
+    private fun getPackageIcon(context: Context, authority: String, icon: Int): Drawable? {
+        if (icon != 0) {
+            val pm = context.packageManager
+            val info = pm.resolveContentProvider(authority, 0)
+            if (info != null) {
+                return pm.getDrawable(info.packageName, icon, info.applicationInfo)
+            }
+        }
+        return null
+    }
+
+}

app/src/main/java/com/stevesoltys/seedvault/backend/webdav/WebDavHandler.kt

@@ -0,0 +1,97 @@
+/*
+ * SPDX-FileCopyrightText: 2024 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.backend.webdav
+
+import android.content.Context
+import android.util.Log
+import androidx.annotation.WorkerThread
+import com.stevesoltys.seedvault.R
+import com.stevesoltys.seedvault.backend.BackendManager
+import com.stevesoltys.seedvault.settings.SettingsManager
+import kotlinx.coroutines.flow.MutableStateFlow
+import kotlinx.coroutines.flow.asStateFlow
+import org.calyxos.seedvault.core.backends.Backend
+import org.calyxos.seedvault.core.backends.BackendFactory
+import org.calyxos.seedvault.core.backends.webdav.WebDavConfig
+import org.calyxos.seedvault.core.backends.webdav.WebDavProperties
+import java.io.IOException
+
+internal sealed interface WebDavConfigState {
+    object Empty : WebDavConfigState
+    object Checking : WebDavConfigState
+    class Success(
+        val properties: WebDavProperties,
+        val backend: Backend,
+    ) : WebDavConfigState
+
+    class Error(val e: Exception?) : WebDavConfigState
+}
+
+private val TAG = WebDavHandler::class.java.simpleName
+
+internal class WebDavHandler(
+    private val context: Context,
+    private val backendFactory: BackendFactory,
+    private val settingsManager: SettingsManager,
+    private val backendManager: BackendManager,
+) {
+
+    companion object {
+        fun createWebDavProperties(context: Context, config: WebDavConfig): WebDavProperties {
+            val host = config.url.removePrefix("https://")
+            return WebDavProperties(
+                config = config,
+                name = context.getString(R.string.storage_webdav_name, host),
+            )
+        }
+    }
+
+    private val mConfigState = MutableStateFlow<WebDavConfigState>(WebDavConfigState.Empty)
+    val configState = mConfigState.asStateFlow()
+
+    suspend fun onConfigReceived(config: WebDavConfig) {
+        mConfigState.value = WebDavConfigState.Checking
+        val backend = backendFactory.createWebDavBackend(config)
+        try {
+            if (backend.test()) {
+                val properties = createWebDavProperties(context, config)
+                mConfigState.value = WebDavConfigState.Success(properties, backend)
+            } else {
+                mConfigState.value = WebDavConfigState.Error(null)
+            }
+        } catch (e: Exception) {
+            Log.e(TAG, "Error testing WebDAV config at ${config.url}", e)
+            mConfigState.value = WebDavConfigState.Error(e)
+        }
+    }
+
+    fun resetConfigState() {
+        mConfigState.value = WebDavConfigState.Empty
+    }
+
+    /**
+     * Searches if there's really an app backup available in the given storage location.
+     * Returns true if at least one was found and false otherwise.
+     */
+    @WorkerThread
+    @Throws(IOException::class)
+    suspend fun hasAppBackup(backend: Backend): Boolean {
+        return backend.getAvailableBackupFileHandles().isNotEmpty()
+    }
+
+    fun save(properties: WebDavProperties) {
+        settingsManager.saveWebDavConfig(properties.config)
+    }
+
+    @WorkerThread
+    fun setPlugin(properties: WebDavProperties, backend: Backend) {
+        backendManager.changePlugins(
+            backend = backend,
+            storageProperties = properties,
+        )
+    }
+
+}

app/src/main/java/com/stevesoltys/seedvault/backend/webdav/WebDavModule.kt

@@ -0,0 +1,13 @@
+/*
+ * SPDX-FileCopyrightText: 2024 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package com.stevesoltys.seedvault.backend.webdav
+
+import org.koin.android.ext.koin.androidContext
+import org.koin.dsl.module
+
+val storagePluginModuleWebDav = module {
+    single { WebDavHandler(androidContext(), get(), get(), get()) }
+}

app/src/main/java/com/stevesoltys/seedvault/crypto/CipherFactory.kt

@@ -1,3 +1,8 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.crypto
 
 import java.security.Key

app/src/main/java/com/stevesoltys/seedvault/crypto/Crypto.kt

@@ -1,71 +1,117 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.crypto
 
+import android.annotation.SuppressLint
+import android.content.Context
+import android.provider.Settings
+import android.provider.Settings.Secure.ANDROID_ID
+import com.google.crypto.tink.subtle.AesGcmHkdfStreaming
+import com.stevesoltys.seedvault.encodeBase64
 import com.stevesoltys.seedvault.header.HeaderReader
-import com.stevesoltys.seedvault.header.HeaderWriter
-import com.stevesoltys.seedvault.header.MAX_SEGMENT_CLEARTEXT_LENGTH
 import com.stevesoltys.seedvault.header.MAX_SEGMENT_LENGTH
 import com.stevesoltys.seedvault.header.MAX_VERSION_HEADER_SIZE
 import com.stevesoltys.seedvault.header.SegmentHeader
+import com.stevesoltys.seedvault.header.VERSION
 import com.stevesoltys.seedvault.header.VersionHeader
+import org.calyxos.seedvault.core.crypto.CoreCrypto
+import org.calyxos.seedvault.core.crypto.CoreCrypto.ALGORITHM_HMAC
+import org.calyxos.seedvault.core.crypto.CoreCrypto.deriveKey
+import org.calyxos.seedvault.core.toByteArrayFromHex
+import org.calyxos.seedvault.core.toHexString
 import java.io.EOFException
 import java.io.IOException
 import java.io.InputStream
 import java.io.OutputStream
-import javax.crypto.Cipher
+import java.nio.ByteBuffer
+import java.security.GeneralSecurityException
+import java.security.MessageDigest
+import java.security.NoSuchAlgorithmException
+import java.security.SecureRandom
+import javax.crypto.Mac
 import javax.crypto.spec.SecretKeySpec
-import kotlin.math.min
 
 /**
- * A backup stream starts with a version byte followed by an encrypted [VersionHeader].
+ * A version 1 backup stream uses [AesGcmHkdfStreaming] from the tink library.
+ *
+ * A version 0 backup stream starts with a version byte followed by an encrypted [VersionHeader].
  *
  * The header will be encrypted with AES/GCM to provide authentication.
- * It can be written using [encryptHeader] and read using [decryptHeader].
- * The latter throws a [SecurityException],
+ * It can be read using [decryptHeader] which throws a [SecurityException],
  * if the expected version and package name do not match the encrypted header.
  *
  * After the header, follows one or more data segments.
  * Each segment begins with a clear-text [SegmentHeader]
  * that contains the length of the segment
  * and a nonce acting as the initialization vector for the encryption.
- * The segment can be written using [encryptSegment] and read using [decryptSegment].
- * The latter throws a [SecurityException],
+ * The segment can be read using [decryptSegment] which throws a [SecurityException],
  * if the length of the segment is specified larger than allowed.
  */
-interface Crypto {
+internal interface Crypto {
 
     /**
-     * Encrypts a backup stream header ([VersionHeader]) and writes it to the given [OutputStream].
-     *
-     * The header using a small segment containing only
-     * the version number, the package name and (optionally) the key of a key/value stream.
+     * Returns a ByteArray with bytes retrieved from [SecureRandom].
      */
-    @Throws(IOException::class)
-    fun encryptHeader(outputStream: OutputStream, versionHeader: VersionHeader)
+    fun getRandomBytes(size: Int): ByteArray
 
     /**
-     * Encrypts a new backup segment from the given cleartext payload
-     * and writes it to the given [OutputStream].
-     *
-     * A segment starts with a [SegmentHeader] which includes the length of the segment
-     * and a nonce which is used as initialization vector for the encryption.
-     *
-     * After the header follows the encrypted payload.
-     * Larger backup streams such as from a full backup are encrypted in multiple segments
-     * to avoid having to load the entire stream into memory when doing authenticated encryption.
-     *
-     * The given cleartext can later be decrypted
-     * by calling [decryptSegment] on the same byte stream.
+     * Returns the ID of the backup repository as a 64 char hex string.
      */
-    @Throws(IOException::class)
-    fun encryptSegment(outputStream: OutputStream, cleartext: ByteArray)
+    val repoId: String
 
     /**
-     * Like [encryptSegment],
-     * but if the given cleartext [ByteArray] is larger than [MAX_SEGMENT_CLEARTEXT_LENGTH],
-     * multiple segments will be written.
+     * A secret key of size [KEY_SIZE_BYTES]
+     * only used to create a gear table specific to each main key.
      */
-    @Throws(IOException::class)
-    fun encryptMultipleSegments(outputStream: OutputStream, cleartext: ByteArray)
+    val gearTableKey: ByteArray
+
+    fun sha256(bytes: ByteArray): ByteArray
+
+    /**
+     * Returns a [AesGcmHkdfStreaming] encrypting stream
+     * that gets encrypted and authenticated the given associated data.
+     */
+    @Throws(IOException::class, GeneralSecurityException::class)
+    fun newEncryptingStream(
+        outputStream: OutputStream,
+        associatedData: ByteArray,
+    ): OutputStream
+
+    /**
+     * Returns a [AesGcmHkdfStreaming] decrypting stream
+     * that gets decrypted and authenticated the given associated data.
+     */
+    @Throws(IOException::class, GeneralSecurityException::class)
+    fun newDecryptingStream(
+        inputStream: InputStream,
+        associatedData: ByteArray,
+    ): InputStream
+
+    fun getAdForVersion(version: Byte = VERSION): ByteArray
+
+    @Deprecated("only for v1")
+    fun getNameForPackage(salt: String, packageName: String): String
+
+    /**
+     * Returns the name that identifies an APK in the backup storage plugin.
+     * @param suffix empty string for normal APKs and the name of the split in case of an APK split
+     */
+    @Deprecated("only for v1")
+    fun getNameForApk(salt: String, packageName: String, suffix: String = ""): String
+
+    /**
+     * Returns a [AesGcmHkdfStreaming] decrypting stream
+     * that gets decrypted and authenticated the given associated data.
+     */
+    @Deprecated("only for v1")
+    @Throws(IOException::class, GeneralSecurityException::class)
+    fun newDecryptingStreamV1(
+        inputStream: InputStream,
+        associatedData: ByteArray,
+    ): InputStream
 
     /**
      * Reads and decrypts a [VersionHeader] from the given [InputStream]
@@ -75,25 +121,29 @@ interface Crypto {
      *
      * @return The read [VersionHeader] present in the beginning of the given [InputStream].
      */
+    @Suppress("Deprecation")
+    @Deprecated("Use newDecryptingStream instead")
     @Throws(IOException::class, SecurityException::class)
     fun decryptHeader(
         inputStream: InputStream,
         expectedVersion: Byte,
         expectedPackageName: String,
-        expectedKey: String? = null
+        expectedKey: String? = null,
     ): VersionHeader
 
     /**
      * Reads and decrypts a segment from the given [InputStream].
      *
-     * @return The decrypted segment payload as passed into [encryptSegment]
+     * @return The decrypted segment payload.
      */
+    @Deprecated("Use newDecryptingStream instead")
     @Throws(EOFException::class, IOException::class, SecurityException::class)
     fun decryptSegment(inputStream: InputStream): ByteArray
 
     /**
      * Like [decryptSegment], but decrypts multiple segments and does not throw [EOFException].
      */
+    @Deprecated("Use newDecryptingStream instead")
     @Throws(IOException::class, SecurityException::class)
     fun decryptMultipleSegments(inputStream: InputStream): ByteArray
 
@@ -105,56 +155,100 @@ interface Crypto {
     fun verifyBackupKey(seed: ByteArray): Boolean
 }
 
+internal const val TYPE_METADATA: Byte = 0x00
+internal const val TYPE_BACKUP_KV: Byte = 0x01
+internal const val TYPE_BACKUP_FULL: Byte = 0x02
+internal const val TYPE_ICONS: Byte = 0x03
+
+@SuppressLint("HardwareIds")
 internal class CryptoImpl(
+    context: Context,
+    private val keyManager: KeyManager,
     private val cipherFactory: CipherFactory,
-    private val headerWriter: HeaderWriter,
-    private val headerReader: HeaderReader
+    private val headerReader: HeaderReader,
+    private val androidId: String = Settings.Secure.getString(context.contentResolver, ANDROID_ID),
 ) : Crypto {
 
-    @Throws(IOException::class)
-    override fun encryptHeader(outputStream: OutputStream, versionHeader: VersionHeader) {
-        val bytes = headerWriter.getEncodedVersionHeader(versionHeader)
+    private val keyV1: ByteArray by lazy {
+        deriveKey(keyManager.getMainKey(), "app data key".toByteArray())
+    }
+    private val streamKey: ByteArray by lazy {
+        deriveKey(keyManager.getMainKey(), "app backup stream key".toByteArray())
+    }
+    private val secureRandom: SecureRandom by lazy { SecureRandom.getInstanceStrong() }
 
-        encryptSegment(outputStream, bytes)
+    override fun getRandomBytes(size: Int) = ByteArray(size).apply {
+        secureRandom.nextBytes(this)
     }
 
-    @Throws(IOException::class)
-    override fun encryptSegment(outputStream: OutputStream, cleartext: ByteArray) {
-        val cipher = cipherFactory.createEncryptionCipher()
-
-        check(cipher.getOutputSize(cleartext.size) <= MAX_SEGMENT_LENGTH) {
-            "Cipher's output size ${cipher.getOutputSize(cleartext.size)} is larger" +
-                "than maximum segment length ($MAX_SEGMENT_LENGTH)"
+    /**
+     * The ID of the backup repository tied to this user/device via [ANDROID_ID]
+     * and the current [KeyManager.getMainKey].
+     *
+     * Attention: If the main key ever changes, we need to kill our process,
+     * so all lazy values that depend on that key or the [gearTableKey] get reinitialized.
+     */
+    override val repoId: String by lazy {
+        val repoIdKey =
+            deriveKey(keyManager.getMainKey(), "app backup repoId key".toByteArray())
+        val hmacHasher: Mac = Mac.getInstance(ALGORITHM_HMAC).apply {
+            init(SecretKeySpec(repoIdKey, ALGORITHM_HMAC))
         }
-        encryptSegment(cipher, outputStream, cleartext)
+        hmacHasher.doFinal(androidId.toByteArrayFromHex()).toHexString()
     }
 
-    @Throws(IOException::class)
-    override fun encryptMultipleSegments(outputStream: OutputStream, cleartext: ByteArray) {
-        var end = 0
-        while (end < cleartext.size) {
-            val start = end
-            end = min(cleartext.size, start + MAX_SEGMENT_CLEARTEXT_LENGTH)
-            val segment = cleartext.copyOfRange(start, end)
-            val cipher = cipherFactory.createEncryptionCipher()
-            encryptSegment(cipher, outputStream, segment)
+    override val gearTableKey: ByteArray
+        get() = deriveKey(keyManager.getMainKey(), "app backup gear table key".toByteArray())
+
+    override fun newEncryptingStream(
+        outputStream: OutputStream,
+        associatedData: ByteArray,
+    ): OutputStream = CoreCrypto.newEncryptingStream(streamKey, outputStream, associatedData)
+
+    override fun newDecryptingStream(
+        inputStream: InputStream,
+        associatedData: ByteArray,
+    ): InputStream = CoreCrypto.newDecryptingStream(streamKey, inputStream, associatedData)
+
+    override fun getAdForVersion(version: Byte): ByteArray = ByteBuffer.allocate(1)
+        .put(version)
+        .array()
+
+    @Deprecated("only for v1")
+    override fun getNameForPackage(salt: String, packageName: String): String {
+        return sha256("$salt$packageName".toByteArray()).encodeBase64()
+    }
+
+    @Deprecated("only for v1")
+    override fun getNameForApk(salt: String, packageName: String, suffix: String): String {
+        return sha256("${salt}APK$packageName$suffix".toByteArray()).encodeBase64()
+    }
+
+    override fun sha256(bytes: ByteArray): ByteArray {
+        val messageDigest: MessageDigest = try {
+            MessageDigest.getInstance("SHA-256")
+        } catch (e: NoSuchAlgorithmException) {
+            throw AssertionError(e)
         }
+        messageDigest.update(bytes)
+        return messageDigest.digest()
     }
 
-    @Throws(IOException::class)
-    private fun encryptSegment(cipher: Cipher, outputStream: OutputStream, segment: ByteArray) {
-        val encrypted = cipher.doFinal(segment)
-        val segmentHeader = SegmentHeader(encrypted.size.toShort(), cipher.iv)
-        headerWriter.writeSegmentHeader(outputStream, segmentHeader)
-        outputStream.write(encrypted)
-    }
+    @Deprecated("only for v1")
+    @Throws(IOException::class, GeneralSecurityException::class)
+    override fun newDecryptingStreamV1(
+        inputStream: InputStream,
+        associatedData: ByteArray,
+    ): InputStream = CoreCrypto.newDecryptingStream(keyV1, inputStream, associatedData)
 
+    @Suppress("Deprecation")
     @Throws(IOException::class, SecurityException::class)
+    @Deprecated("Use newDecryptingStream instead")
     override fun decryptHeader(
         inputStream: InputStream,
         expectedVersion: Byte,
         expectedPackageName: String,
-        expectedKey: String?
+        expectedKey: String?,
     ): VersionHeader {
         val decrypted = decryptSegment(inputStream, MAX_VERSION_HEADER_SIZE)
         val header = headerReader.getVersionHeader(decrypted)
@@ -178,11 +272,13 @@ internal class CryptoImpl(
         return header
     }
 
+    @Deprecated("Use newDecryptingStream instead")
     @Throws(EOFException::class, IOException::class, SecurityException::class)
     override fun decryptSegment(inputStream: InputStream): ByteArray {
         return decryptSegment(inputStream, MAX_SEGMENT_LENGTH)
     }
 
+    @Deprecated("Use newDecryptingStream instead")
     @Throws(IOException::class, SecurityException::class)
     override fun decryptMultipleSegments(inputStream: InputStream): ByteArray {
         var result = ByteArray(0)
@@ -196,6 +292,7 @@ internal class CryptoImpl(
         }
     }
 
+    @Suppress("Deprecation")
     @Throws(EOFException::class, IOException::class, SecurityException::class)
     private fun decryptSegment(inputStream: InputStream, maxSegmentLength: Int): ByteArray {
         val segmentHeader = headerReader.readSegmentHeader(inputStream)

app/src/main/java/com/stevesoltys/seedvault/crypto/CryptoModule.kt

@@ -1,9 +1,15 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.crypto
 
+import org.koin.android.ext.koin.androidContext
 import org.koin.dsl.module
 import java.security.KeyStore
 
-private const val ANDROID_KEY_STORE = "AndroidKeyStore"
+const val ANDROID_KEY_STORE = "AndroidKeyStore"
 
 val cryptoModule = module {
     factory<CipherFactory> { CipherFactoryImpl(get()) }
@@ -15,5 +21,5 @@ val cryptoModule = module {
         }
         KeyManagerImpl(keyStore)
     }
-    single<Crypto> { CryptoImpl(get(), get(), get()) }
+    single<Crypto> { CryptoImpl(androidContext(), get(), get(), get()) }
 }

app/src/main/java/com/stevesoltys/seedvault/crypto/KeyManager.kt

@@ -1,3 +1,8 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.crypto
 
 import android.security.keystore.KeyProperties.BLOCK_MODE_GCM
@@ -14,12 +19,12 @@ import javax.crypto.spec.SecretKeySpec
 
 internal const val KEY_SIZE = 256
 internal const val KEY_SIZE_BYTES = KEY_SIZE / 8
-private const val KEY_ALIAS_BACKUP = "com.stevesoltys.seedvault"
-private const val KEY_ALIAS_MAIN = "com.stevesoltys.seedvault.main"
+internal const val KEY_ALIAS_BACKUP = "com.stevesoltys.seedvault"
+internal const val KEY_ALIAS_MAIN = "com.stevesoltys.seedvault.main"
 private const val KEY_ALGORITHM_BACKUP = "AES"
 private const val KEY_ALGORITHM_MAIN = "HmacSHA256"
 
-interface KeyManager {
+interface KeyManager : org.calyxos.seedvault.core.crypto.KeyManager {
     /**
      * Store a new backup key derived from the given [seed].
      *
@@ -52,18 +57,10 @@ interface KeyManager {
      * because the key can not leave the [KeyStore]'s hardware security module.
      */
     fun getBackupKey(): SecretKey
-
-    /**
-     * Returns the main key, so it can be used for deriving sub-keys.
-     *
-     * Note that any attempt to export the key will return null or an empty [ByteArray],
-     * because the key can not leave the [KeyStore]'s hardware security module.
-     */
-    fun getMainKey(): SecretKey
 }
 
 internal class KeyManagerImpl(
-    private val keyStore: KeyStore
+    private val keyStore: KeyStore,
 ) : KeyManager {
 
     override fun storeBackupKey(seed: ByteArray) {
@@ -100,7 +97,9 @@ internal class KeyManagerImpl(
             .setEncryptionPaddings(ENCRYPTION_PADDING_NONE)
             .setRandomizedEncryptionRequired(true)
         // unlocking is required only for decryption, so when restoring from backup
-        builder.setUnlockedDeviceRequired(true)
+        // FIXME disabled for Android 12 GSI as it crashes when importing the key
+        //  KeyStoreException: Failed to import secret key.
+        // builder.setUnlockedDeviceRequired(true)
         return builder.build()
     }
 

app/src/main/java/com/stevesoltys/seedvault/header/Header.kt

@@ -1,8 +1,16 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.header
 
 import com.stevesoltys.seedvault.crypto.GCM_AUTHENTICATION_TAG_LENGTH
+import com.stevesoltys.seedvault.crypto.TYPE_BACKUP_FULL
+import com.stevesoltys.seedvault.crypto.TYPE_BACKUP_KV
+import java.nio.ByteBuffer
 
-internal const val VERSION: Byte = 0
+internal const val VERSION: Byte = 2
 internal const val MAX_PACKAGE_LENGTH_SIZE = 255
 internal const val MAX_KEY_LENGTH_SIZE = MAX_PACKAGE_LENGTH_SIZE
 internal const val MAX_VERSION_HEADER_SIZE =
@@ -12,10 +20,11 @@ internal const val MAX_VERSION_HEADER_SIZE =
  * After the first version byte of each backup stream
  * must follow followed this header encrypted with authentication.
  */
-data class VersionHeader(
+@Deprecated("version header is in associated data now")
+internal data class VersionHeader(
     internal val version: Byte = VERSION, //  1 byte
     internal val packageName: String, // ?? bytes (max 255)
-    internal val key: String? = null // ?? bytes
+    internal val key: String? = null, // ?? bytes
 ) {
     init {
         check(packageName.length <= MAX_PACKAGE_LENGTH_SIZE) {
@@ -29,6 +38,24 @@ data class VersionHeader(
     }
 }
 
+internal fun getADForKV(version: Byte, packageName: String): ByteArray {
+    val packageNameBytes = packageName.toByteArray()
+    return ByteBuffer.allocate(2 + packageNameBytes.size)
+        .put(version)
+        .put(TYPE_BACKUP_KV)
+        .put(packageNameBytes)
+        .array()
+}
+
+internal fun getADForFull(version: Byte, packageName: String): ByteArray {
+    val packageNameBytes = packageName.toByteArray()
+    return ByteBuffer.allocate(2 + packageNameBytes.size)
+        .put(version)
+        .put(TYPE_BACKUP_FULL)
+        .put(packageNameBytes)
+        .array()
+}
+
 internal const val SEGMENT_LENGTH_SIZE: Int = Short.SIZE_BYTES
 internal const val MAX_SEGMENT_LENGTH: Int = Short.MAX_VALUE.toInt()
 internal const val MAX_SEGMENT_CLEARTEXT_LENGTH: Int =
@@ -39,9 +66,10 @@ internal const val SEGMENT_HEADER_SIZE = SEGMENT_LENGTH_SIZE + IV_SIZE
 /**
  * Each data segment must start with this header
  */
+@Deprecated("Don't do manual segments, use Crypto interface instead.")
 class SegmentHeader(
     internal val segmentLength: Short, //  2 bytes
-    internal val nonce: ByteArray // 12 bytes
+    internal val nonce: ByteArray, // 12 bytes
 ) {
     init {
         check(nonce.size == IV_SIZE) {

app/src/main/java/com/stevesoltys/seedvault/header/HeaderModule.kt

@@ -1,8 +1,12 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.header
 
 import org.koin.dsl.module
 
 val headerModule = module {
-    single<HeaderWriter> { HeaderWriterImpl() }
     single<HeaderReader> { HeaderReaderImpl() }
 }

app/src/main/java/com/stevesoltys/seedvault/header/HeaderReader.kt

@@ -1,3 +1,8 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.header
 
 import com.stevesoltys.seedvault.Utf8
@@ -5,28 +10,37 @@ import java.io.EOFException
 import java.io.IOException
 import java.io.InputStream
 import java.nio.ByteBuffer
+import java.security.GeneralSecurityException
 
-interface HeaderReader {
+internal interface HeaderReader {
     @Throws(IOException::class, UnsupportedVersionException::class)
-    fun readVersion(inputStream: InputStream): Byte
+    fun readVersion(inputStream: InputStream, expectedVersion: Byte): Byte
 
+    @Suppress("Deprecation")
+    @Deprecated("For restoring v0 backups only")
     @Throws(SecurityException::class)
     fun getVersionHeader(byteArray: ByteArray): VersionHeader
 
+    @Suppress("Deprecation")
+    @Deprecated("For restoring v0 backups only")
     @Throws(EOFException::class, IOException::class)
     fun readSegmentHeader(inputStream: InputStream): SegmentHeader
 }
 
 internal class HeaderReaderImpl : HeaderReader {
 
-    @Throws(IOException::class, UnsupportedVersionException::class)
-    override fun readVersion(inputStream: InputStream): Byte {
+    @Throws(IOException::class, UnsupportedVersionException::class, GeneralSecurityException::class)
+    override fun readVersion(inputStream: InputStream, expectedVersion: Byte): Byte {
         val version = inputStream.read().toByte()
         if (version < 0) throw IOException()
         if (version > VERSION) throw UnsupportedVersionException(version)
+        if (expectedVersion != version) throw GeneralSecurityException(
+            "Expected version ${expectedVersion.toInt()}, but got ${version.toInt()}"
+        )
         return version
     }
 
+    @Suppress("OverridingDeprecatedMember", "Deprecation")
     override fun getVersionHeader(byteArray: ByteArray): VersionHeader {
         val buffer = ByteBuffer.wrap(byteArray)
         val version = buffer.get()
@@ -59,6 +73,7 @@ internal class HeaderReaderImpl : HeaderReader {
     }
 
     @Throws(EOFException::class, IOException::class)
+    @Suppress("OverridingDeprecatedMember", "Deprecation")
     override fun readSegmentHeader(inputStream: InputStream): SegmentHeader {
         val buffer = ByteArray(SEGMENT_HEADER_SIZE)
         val bytesRead = inputStream.read(buffer)

app/src/main/java/com/stevesoltys/seedvault/header/HeaderWriter.kt

@@ -1,51 +0,0 @@
-package com.stevesoltys.seedvault.header
-
-import com.stevesoltys.seedvault.Utf8
-import java.io.IOException
-import java.io.OutputStream
-import java.nio.ByteBuffer
-
-interface HeaderWriter {
-    @Throws(IOException::class)
-    fun writeVersion(outputStream: OutputStream, header: VersionHeader)
-
-    fun getEncodedVersionHeader(header: VersionHeader): ByteArray
-
-    @Throws(IOException::class)
-    fun writeSegmentHeader(outputStream: OutputStream, header: SegmentHeader)
-}
-
-internal class HeaderWriterImpl : HeaderWriter {
-
-    @Throws(IOException::class)
-    override fun writeVersion(outputStream: OutputStream, header: VersionHeader) {
-        val headerBytes = ByteArray(1)
-        headerBytes[0] = header.version
-        outputStream.write(headerBytes)
-    }
-
-    override fun getEncodedVersionHeader(header: VersionHeader): ByteArray {
-        val packageBytes = header.packageName.toByteArray(Utf8)
-        val keyBytes = header.key?.toByteArray(Utf8)
-        val size = 1 + 2 + packageBytes.size + 2 + (keyBytes?.size ?: 0)
-        return ByteBuffer.allocate(size).apply {
-            put(header.version)
-            putShort(packageBytes.size.toShort())
-            put(packageBytes)
-            if (keyBytes == null) {
-                putShort(0.toShort())
-            } else {
-                putShort(keyBytes.size.toShort())
-                put(keyBytes)
-            }
-        }.array()
-    }
-
-    override fun writeSegmentHeader(outputStream: OutputStream, header: SegmentHeader) {
-        val buffer = ByteBuffer.allocate(SEGMENT_HEADER_SIZE)
-            .putShort(header.segmentLength)
-            .put(header.nonce)
-        outputStream.write(buffer.array())
-    }
-
-}

app/src/main/java/com/stevesoltys/seedvault/metadata/Metadata.kt

@@ -1,30 +1,67 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.metadata
 
 import android.content.pm.ApplicationInfo.FLAG_STOPPED
 import android.os.Build
+import com.stevesoltys.seedvault.crypto.TYPE_METADATA
+import com.stevesoltys.seedvault.encodeBase64
 import com.stevesoltys.seedvault.header.VERSION
 import com.stevesoltys.seedvault.metadata.PackageState.UNKNOWN_ERROR
-import java.io.InputStream
+import com.stevesoltys.seedvault.proto.Snapshot
+import com.stevesoltys.seedvault.repo.hexFromProto
+import com.stevesoltys.seedvault.worker.BASE_SPLIT
+import org.calyxos.backup.storage.crypto.StreamCrypto.toByteArray
+import java.nio.ByteBuffer
 
 typealias PackageMetadataMap = HashMap<String, PackageMetadata>
 
 data class BackupMetadata(
     internal val version: Byte = VERSION,
     internal val token: Long,
+    internal val salt: String,
     internal var time: Long = 0L,
     internal val androidVersion: Int = Build.VERSION.SDK_INT,
     internal val androidIncremental: String = Build.VERSION.INCREMENTAL,
     internal val deviceName: String = "${Build.MANUFACTURER} ${Build.MODEL}",
-    internal val packageMetadataMap: PackageMetadataMap = PackageMetadataMap()
-)
+    internal var d2dBackup: Boolean = false,
+    internal val packageMetadataMap: PackageMetadataMap = PackageMetadataMap(),
+) {
+
+    companion object {
+        fun fromSnapshot(s: Snapshot) = BackupMetadata(
+            version = s.version.toByte(),
+            token = s.token,
+            salt = "",
+            time = s.token,
+            androidVersion = s.sdkInt,
+            androidIncremental = s.androidIncremental,
+            deviceName = "${s.name} - ${s.user}",
+            d2dBackup = s.d2D,
+            packageMetadataMap = s.appsMap.mapValues { (_, app) ->
+                PackageMetadata.fromSnapshot(app)
+            } as PackageMetadataMap
+        )
+    }
+
+    val size: Long
+        get() = packageMetadataMap.values.sumOf { m ->
+            (m.size ?: 0L) + (m.splits?.sumOf { it.size ?: 0L } ?: 0L)
+        }
+}
 
 internal const val JSON_METADATA = "@meta@"
 internal const val JSON_METADATA_VERSION = "version"
 internal const val JSON_METADATA_TOKEN = "token"
+internal const val JSON_METADATA_SALT = "salt"
 internal const val JSON_METADATA_TIME = "time"
 internal const val JSON_METADATA_SDK_INT = "sdk_int"
 internal const val JSON_METADATA_INCREMENTAL = "incremental"
 internal const val JSON_METADATA_NAME = "name"
+internal const val JSON_METADATA_D2D_BACKUP = "d2d_backup"
 
 enum class PackageState {
     /**
@@ -67,27 +104,84 @@ data class PackageMetadata(
      */
     internal var time: Long = 0L,
     internal var state: PackageState = UNKNOWN_ERROR,
+    internal var backupType: BackupType? = null,
+    internal var size: Long? = null,
+    internal var name: CharSequence? = null,
     internal val system: Boolean = false,
+    internal val isLaunchableSystemApp: Boolean = false,
     internal val version: Long? = null,
     internal val installer: String? = null,
     internal val splits: List<ApkSplit>? = null,
+    internal val baseApkChunkIds: List<String>? = null, // used for v2
+    internal val chunkIds: List<String>? = null, // used for v2
     internal val sha256: String? = null,
-    internal val signatures: List<String>? = null
+    internal val signatures: List<String>? = null,
 ) {
+
+    companion object {
+        fun fromSnapshot(app: Snapshot.App) = PackageMetadata(
+            time = app.time,
+            backupType = app.type.toBackupType(),
+            name = app.name,
+            chunkIds = app.chunkIdsList.hexFromProto(),
+            system = app.system,
+            isLaunchableSystemApp = app.launchableSystemApp,
+            version = app.apk.versionCode,
+            installer = app.apk.installer.takeIf { it.isNotEmpty() },
+            baseApkChunkIds = run {
+                val baseChunk = app.apk.splitsList.find { it.name == BASE_SPLIT }
+                if (baseChunk == null || baseChunk.chunkIdsCount == 0) {
+                    null
+                } else {
+                    baseChunk.chunkIdsList.hexFromProto()
+                }
+            },
+            splits = app.apk.splitsList.filter { it.name != BASE_SPLIT }.map {
+                ApkSplit(
+                    name = it.name,
+                    size = null,
+                    sha256 = "",
+                    chunkIds = if (it.chunkIdsCount == 0) null else it.chunkIdsList.hexFromProto()
+                )
+            }.takeIf { it.isNotEmpty() }, // expected null if there are no splits
+            sha256 = null,
+            signatures = app.apk.signaturesList.map { it.toByteArray().encodeBase64() }.takeIf {
+                it.isNotEmpty()
+            },
+        )
+
+        fun Snapshot.BackupType.toBackupType() = when (this) {
+            Snapshot.BackupType.FULL -> BackupType.FULL
+            Snapshot.BackupType.KV -> BackupType.KV
+            else -> null
+        }
+    }
+
+    val isInternalSystem: Boolean = system && !isLaunchableSystemApp
     fun hasApk(): Boolean {
-        return version != null && sha256 != null && signatures != null
+        return version != null && // v2 doesn't use sha256 here
+            (sha256 != null || baseApkChunkIds?.isNotEmpty() == true) &&
+            signatures != null
     }
 }
 
 data class ApkSplit(
     val name: String,
-    val sha256: String
+    val size: Long?,
+    val sha256: String,
+    val chunkIds: List<String>? = null, // used for v2
     // There's also a revisionCode, but it doesn't seem to be used just yet
 )
 
+enum class BackupType { KV, FULL }
+
 internal const val JSON_PACKAGE_TIME = "time"
+internal const val JSON_PACKAGE_BACKUP_TYPE = "backupType"
 internal const val JSON_PACKAGE_STATE = "state"
+internal const val JSON_PACKAGE_SIZE = "size"
+internal const val JSON_PACKAGE_APP_NAME = "name"
 internal const val JSON_PACKAGE_SYSTEM = "system"
+internal const val JSON_PACKAGE_SYSTEM_LAUNCHER = "systemLauncher"
 internal const val JSON_PACKAGE_VERSION = "version"
 internal const val JSON_PACKAGE_INSTALLER = "installer"
 internal const val JSON_PACKAGE_SPLITS = "splits"
@@ -97,16 +191,8 @@ internal const val JSON_PACKAGE_SIGNATURES = "signatures"
 
 internal class DecryptionFailedException(cause: Throwable) : Exception(cause)
 
-class EncryptedBackupMetadata private constructor(
-    val token: Long,
-    val inputStream: InputStream?,
-    val error: Boolean
-) {
-
-    constructor(token: Long, inputStream: InputStream) : this(token, inputStream, false)
-
-    /**
-     * Indicates that there was an error retrieving the encrypted backup metadata.
-     */
-    constructor(token: Long) : this(token, null, true)
-}
+internal fun getAD(version: Byte, token: Long) = ByteBuffer.allocate(2 + 8)
+    .put(version)
+    .put(TYPE_METADATA)
+    .put(token.toByteArray())
+    .array()

app/src/main/java/com/stevesoltys/seedvault/metadata/MetadataManager.kt

@@ -1,3 +1,8 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.metadata
 
 import android.content.Context
@@ -6,15 +11,8 @@ import android.content.pm.PackageInfo
 import android.util.Log
 import androidx.annotation.VisibleForTesting
 import androidx.annotation.WorkerThread
-import androidx.lifecycle.LiveData
-import androidx.lifecycle.MutableLiveData
-import androidx.lifecycle.distinctUntilChanged
 import com.stevesoltys.seedvault.Clock
 import com.stevesoltys.seedvault.metadata.PackageState.APK_AND_DATA
-import com.stevesoltys.seedvault.metadata.PackageState.NOT_ALLOWED
-import com.stevesoltys.seedvault.metadata.PackageState.NO_DATA
-import com.stevesoltys.seedvault.metadata.PackageState.WAS_STOPPED
-import com.stevesoltys.seedvault.transport.backup.isSystemApp
 import java.io.FileNotFoundException
 import java.io.IOException
 import java.io.OutputStream
@@ -23,117 +21,63 @@ private val TAG = MetadataManager::class.java.simpleName
 
 @VisibleForTesting
 internal const val METADATA_CACHE_FILE = "metadata.cache"
+internal const val METADATA_SALT_SIZE = 32
 
 @WorkerThread
-class MetadataManager(
+internal class MetadataManager(
     private val context: Context,
     private val clock: Clock,
     private val metadataWriter: MetadataWriter,
-    private val metadataReader: MetadataReader
+    private val metadataReader: MetadataReader,
 ) {
 
-    private val uninitializedMetadata = BackupMetadata(token = 0L)
+    private val uninitializedMetadata = BackupMetadata(token = -42L, salt = "foo bar")
     private var metadata: BackupMetadata = uninitializedMetadata
         get() {
             if (field == uninitializedMetadata) {
                 field = try {
-                    getMetadataFromCache() ?: throw IOException()
+                    val m = getMetadataFromCache() ?: throw IOException()
+                    if (m == uninitializedMetadata) m.copy(salt = "initialized")
+                    else m
                 } catch (e: IOException) {
-                    // If this happens, it is hard to recover from this. Let's hope it never does.
-                    throw AssertionError("Error reading metadata from cache", e)
+                    // This can happen if the storage location ran out of space
+                    // or the app process got killed while writing the file.
+                    // It is hard to recover from this, so we try as best as we can here:
+                    Log.e(TAG, "ERROR getting metadata cache, creating new file ", e)
+                    uninitializedMetadata.copy(salt = "initialized")
                 }
-                mLastBackupTime.postValue(field.time)
             }
             return field
         }
 
-    /**
-     * Call this when initializing a new device.
-     *
-     * Existing [BackupMetadata] will be cleared, use the given new token,
-     * and written encrypted to the given [OutputStream] as well as the internal cache.
-     */
-    @Synchronized
-    @Throws(IOException::class)
-    fun onDeviceInitialization(token: Long, metadataOutputStream: OutputStream) {
-        modifyMetadata(metadataOutputStream) {
-            metadata = BackupMetadata(token = token)
-        }
-    }
-
-    /**
-     * Call this after a package's APK has been backed up successfully.
-     *
-     * It updates the packages' metadata
-     * and writes it encrypted to the given [OutputStream] as well as the internal cache.
-     *
-     * Closing the [OutputStream] is the responsibility of the caller.
-     */
-    @Synchronized
-    @Throws(IOException::class)
-    fun onApkBackedUp(
-        packageInfo: PackageInfo,
-        packageMetadata: PackageMetadata,
-        metadataOutputStream: OutputStream
-    ) {
-        val packageName = packageInfo.packageName
-        metadata.packageMetadataMap[packageName]?.let {
-            check(packageMetadata.version != null) {
-                "APK backup returned version null"
-            }
-            check(it.version == null || it.version < packageMetadata.version) {
-                "APK backup backed up the same or a smaller version:" +
-                    "was ${it.version} is ${packageMetadata.version}"
-            }
-        }
-        val oldPackageMetadata = metadata.packageMetadataMap[packageName]
-            ?: PackageMetadata()
-        // only allow state change if backup of this package is not allowed,
-        // because we need to change from the default of UNKNOWN_ERROR here,
-        // but otherwise don't want to modify the state since set elsewhere.
-        val newState =
-            if (packageMetadata.state == NOT_ALLOWED || packageMetadata.state == WAS_STOPPED) {
-                packageMetadata.state
-            } else {
-                oldPackageMetadata.state
-            }
-        modifyMetadata(metadataOutputStream) {
-            metadata.packageMetadataMap[packageName] = oldPackageMetadata.copy(
-                state = newState,
-                system = packageInfo.isSystemApp(),
-                version = packageMetadata.version,
-                installer = packageMetadata.installer,
-                splits = packageMetadata.splits,
-                sha256 = packageMetadata.sha256,
-                signatures = packageMetadata.signatures
-            )
-        }
-    }
-
     /**
      * Call this after a package has been backed up successfully.
      *
-     * It updates the packages' metadata
-     * and writes it encrypted to the given [OutputStream] as well as the internal cache.
-     *
-     * Closing the [OutputStream] is the responsibility of the caller.
+     * It updates the packages' metadata.
      */
     @Synchronized
     @Throws(IOException::class)
-    fun onPackageBackedUp(packageInfo: PackageInfo, metadataOutputStream: OutputStream) {
+    fun onPackageBackedUp(
+        packageInfo: PackageInfo,
+        type: BackupType?,
+        size: Long?,
+    ) {
         val packageName = packageInfo.packageName
-        modifyMetadata(metadataOutputStream) {
+        modifyCachedMetadata {
             val now = clock.time()
-            metadata.time = now
-            if (metadata.packageMetadataMap.containsKey(packageName)) {
-                metadata.packageMetadataMap[packageName]!!.time = now
-                metadata.packageMetadataMap[packageName]!!.state = APK_AND_DATA
-            } else {
-                metadata.packageMetadataMap[packageName] = PackageMetadata(
+            metadata.packageMetadataMap.getOrPut(packageName) {
+                PackageMetadata(
                     time = now,
                     state = APK_AND_DATA,
-                    system = packageInfo.isSystemApp()
+                    backupType = type,
+                    size = size,
                 )
+            }.apply {
+                time = now
+                state = APK_AND_DATA
+                backupType = type
+                // don't override a previous K/V size, if there were no K/V changes
+                if (size != null) this.size = size
             }
         }
     }
@@ -149,29 +93,60 @@ class MetadataManager(
     internal fun onPackageBackupError(
         packageInfo: PackageInfo,
         packageState: PackageState,
-        metadataOutputStream: OutputStream
+        backupType: BackupType? = null,
     ) {
         check(packageState != APK_AND_DATA) { "Backup Error with non-error package state." }
-        val packageName = packageInfo.packageName
-        modifyMetadata(metadataOutputStream) {
-            if (metadata.packageMetadataMap.containsKey(packageName)) {
-                metadata.packageMetadataMap[packageName]!!.state = packageState
-            } else {
-                metadata.packageMetadataMap[packageName] = PackageMetadata(
+        modifyCachedMetadata {
+            metadata.packageMetadataMap.getOrPut(packageInfo.packageName) {
+                PackageMetadata(
                     time = 0L,
                     state = packageState,
-                    system = packageInfo.isSystemApp()
+                    backupType = backupType,
+                    name = packageInfo.applicationInfo?.loadLabel(context.packageManager),
                 )
+            }.state = packageState
+        }
+    }
+
+    /**
+     * Call this for all packages we can not back up for some reason.
+     *
+     * It updates the packages' local metadata.
+     */
+    @Synchronized
+    @Throws(IOException::class)
+    internal fun onPackageDoesNotGetBackedUp(
+        packageInfo: PackageInfo,
+        packageState: PackageState,
+    ) = modifyCachedMetadata {
+        metadata.packageMetadataMap.getOrPut(packageInfo.packageName) {
+            PackageMetadata(
+                time = 0L,
+                state = packageState,
+                name = packageInfo.applicationInfo?.loadLabel(context.packageManager),
+            )
+        }.apply {
+            state = packageState
+            // update name, if none was set, yet (can happen while migrating to storing names)
+            if (this.name == null) {
+                this.name = packageInfo.applicationInfo?.loadLabel(context.packageManager)
             }
         }
     }
 
+    @Synchronized
+    fun getPackageMetadata(packageName: String): PackageMetadata? {
+        return metadata.packageMetadataMap[packageName]?.copy()
+    }
+
     @Throws(IOException::class)
-    private fun modifyMetadata(metadataOutputStream: OutputStream, modFun: () -> Unit) {
-        val oldMetadata = metadata.copy()
+    private fun modifyCachedMetadata(modFun: () -> Unit) {
+        val oldMetadata = metadata.copy(
+            // copy map, otherwise it will re-use same reference
+            packageMetadataMap = PackageMetadataMap(metadata.packageMetadataMap),
+        )
         try {
             modFun.invoke()
-            metadataWriter.write(metadata, metadataOutputStream)
             writeMetadataToCache()
         } catch (e: IOException) {
             Log.w(TAG, "Error writing metadata to storage", e)
@@ -179,47 +154,6 @@ class MetadataManager(
             metadata = oldMetadata
             throw IOException(e)
         }
-        mLastBackupTime.postValue(metadata.time)
-    }
-
-    /**
-     * Returns the current backup token.
-     *
-     * If the token is 0L, it is not yet initialized and must not be used for anything.
-     */
-    @Synchronized
-    @Deprecated(
-        "Responsibility for current token moved to SettingsManager",
-        ReplaceWith("settingsManager.getToken()")
-    )
-    fun getBackupToken(): Long = metadata.token
-
-    /**
-     * Returns the last backup time in unix epoch milli seconds.
-     *
-     * Note that this might be a blocking I/O call.
-     */
-    @Synchronized
-    fun getLastBackupTime(): Long = mLastBackupTime.value ?: metadata.time
-
-    private val mLastBackupTime = MutableLiveData<Long>()
-    internal val lastBackupTime: LiveData<Long> = mLastBackupTime.distinctUntilChanged()
-
-    @Synchronized
-    fun getPackageMetadata(packageName: String): PackageMetadata? {
-        return metadata.packageMetadataMap[packageName]?.copy()
-    }
-
-    @Synchronized
-    fun getPackagesNumBackedUp(): Int {
-        // FIXME we are under-reporting packages here,
-        //  because we have no way to also include upgraded system apps
-        return metadata.packageMetadataMap.filter { (_, packageMetadata) ->
-            !packageMetadata.system && ( // ignore system apps
-                packageMetadata.state == APK_AND_DATA || // either full success
-                    packageMetadata.state == NO_DATA // or apps that simply had no data
-                )
-        }.count()
     }
 
     @Synchronized

app/src/main/java/com/stevesoltys/seedvault/metadata/MetadataModule.kt

@@ -1,3 +1,8 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.metadata
 
 import org.koin.android.ext.koin.androidContext
@@ -5,6 +10,6 @@ import org.koin.dsl.module
 
 val metadataModule = module {
     single { MetadataManager(androidContext(), get(), get(), get()) }
-    single<MetadataWriter> { MetadataWriterImpl(get()) }
+    single<MetadataWriter> { MetadataWriterImpl() }
     single<MetadataReader> { MetadataReaderImpl(get()) }
 }

app/src/main/java/com/stevesoltys/seedvault/metadata/MetadataReader.kt

@@ -1,3 +1,8 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.metadata
 
 import com.stevesoltys.seedvault.Utf8
@@ -14,6 +19,7 @@ import org.json.JSONException
 import org.json.JSONObject
 import java.io.IOException
 import java.io.InputStream
+import java.security.GeneralSecurityException
 import javax.crypto.AEADBadTagException
 
 interface MetadataReader {
@@ -30,7 +36,7 @@ interface MetadataReader {
     fun decode(
         bytes: ByteArray,
         expectedVersion: Byte? = null,
-        expectedToken: Long? = null
+        expectedToken: Long? = null,
     ): BackupMetadata
 
 }
@@ -47,19 +53,37 @@ internal class MetadataReaderImpl(private val crypto: Crypto) : MetadataReader {
         val version = inputStream.read().toByte()
         if (version < 0) throw IOException()
         if (version > VERSION) throw UnsupportedVersionException(version)
+        if (version == 0.toByte()) return readMetadataV0(inputStream, expectedToken)
+
+        val metadataBytes = try {
+            crypto.newDecryptingStreamV1(inputStream, getAD(version, expectedToken)).readBytes()
+        } catch (e: GeneralSecurityException) {
+            throw DecryptionFailedException(e)
+        }
+        return decode(metadataBytes, version, expectedToken)
+    }
+
+    @Throws(
+        SecurityException::class,
+        DecryptionFailedException::class,
+        UnsupportedVersionException::class,
+        IOException::class
+    )
+    @Suppress("Deprecation")
+    private fun readMetadataV0(inputStream: InputStream, expectedToken: Long): BackupMetadata {
         val metadataBytes = try {
             crypto.decryptMultipleSegments(inputStream)
         } catch (e: AEADBadTagException) {
             throw DecryptionFailedException(e)
         }
-        return decode(metadataBytes, version, expectedToken)
+        return decode(metadataBytes, 0.toByte(), expectedToken)
     }
 
     @Throws(SecurityException::class)
     override fun decode(
         bytes: ByteArray,
         expectedVersion: Byte?,
-        expectedToken: Long?
+        expectedToken: Long?,
     ): BackupMetadata {
         // NOTE: We don't do extensive validation of the parsed input here,
         // because it was encrypted with authentication, so we should be able to trust it.
@@ -70,14 +94,14 @@ internal class MetadataReaderImpl(private val crypto: Crypto) : MetadataReader {
             val json = JSONObject(bytes.toString(Utf8))
             // get backup metadata and check expectations
             val meta = json.getJSONObject(JSON_METADATA)
-            val version = meta.getInt(JSON_METADATA_VERSION).toByte()
+            val version = meta.optInt(JSON_METADATA_VERSION, VERSION.toInt()).toByte()
             if (expectedVersion != null && version != expectedVersion) {
                 throw SecurityException(
                     "Invalid version '${version.toInt()}' in metadata," +
                         "expected '${expectedVersion.toInt()}'."
                 )
             }
-            val token = meta.getLong(JSON_METADATA_TOKEN)
+            val token = meta.optLong(JSON_METADATA_TOKEN, 0)
             if (expectedToken != null && token != expectedToken) throw SecurityException(
                 "Invalid token '$token' in metadata, expected '$expectedToken'."
             )
@@ -94,6 +118,15 @@ internal class MetadataReaderImpl(private val crypto: Crypto) : MetadataReader {
                     WAS_STOPPED.name -> WAS_STOPPED
                     else -> UNKNOWN_ERROR
                 }
+                val pBackupType = when (p.optString(JSON_PACKAGE_BACKUP_TYPE)) {
+                    BackupType.KV.name -> BackupType.KV
+                    BackupType.FULL.name -> BackupType.FULL
+                    // we can't fail when format version is 0,
+                    // because when only backing up the APK for example, there's no type
+                    else -> null
+                }
+                val pSize = p.optLong(JSON_PACKAGE_SIZE, -1L)
+                val pName = p.optString(JSON_PACKAGE_APP_NAME)
                 val pSystem = p.optBoolean(JSON_PACKAGE_SYSTEM, false)
                 val pVersion = p.optLong(JSON_PACKAGE_VERSION, 0L)
                 val pInstaller = p.optString(JSON_PACKAGE_INSTALLER)
@@ -109,7 +142,11 @@ internal class MetadataReaderImpl(private val crypto: Crypto) : MetadataReader {
                 packageMetadataMap[packageName] = PackageMetadata(
                     time = p.getLong(JSON_PACKAGE_TIME),
                     state = pState,
+                    backupType = pBackupType,
+                    size = if (pSize < 0L) null else pSize,
+                    name = if (pName == "") null else pName,
                     system = pSystem,
+                    isLaunchableSystemApp = p.optBoolean(JSON_PACKAGE_SYSTEM_LAUNCHER, false),
                     version = if (pVersion == 0L) null else pVersion,
                     installer = if (pInstaller == "") null else pInstaller,
                     splits = getSplits(p),
@@ -120,11 +157,13 @@ internal class MetadataReaderImpl(private val crypto: Crypto) : MetadataReader {
             return BackupMetadata(
                 version = version,
                 token = token,
-                time = meta.getLong(JSON_METADATA_TIME),
-                androidVersion = meta.getInt(JSON_METADATA_SDK_INT),
-                androidIncremental = meta.getString(JSON_METADATA_INCREMENTAL),
-                deviceName = meta.getString(JSON_METADATA_NAME),
-                packageMetadataMap = packageMetadataMap
+                salt = if (version == 0.toByte()) "" else meta.optString(JSON_METADATA_SALT, ""),
+                time = meta.optLong(JSON_METADATA_TIME, -1),
+                androidVersion = meta.optInt(JSON_METADATA_SDK_INT, 0),
+                androidIncremental = meta.optString(JSON_METADATA_INCREMENTAL),
+                deviceName = meta.optString(JSON_METADATA_NAME),
+                d2dBackup = meta.optBoolean(JSON_METADATA_D2D_BACKUP, false),
+                packageMetadataMap = packageMetadataMap,
             )
         } catch (e: JSONException) {
             throw SecurityException(e)
@@ -138,6 +177,9 @@ internal class MetadataReaderImpl(private val crypto: Crypto) : MetadataReader {
             val jsonApkSplit = jsonSplits.getJSONObject(i)
             val apkSplit = ApkSplit(
                 name = jsonApkSplit.getString(JSON_PACKAGE_SPLIT_NAME),
+                size = jsonApkSplit.optLong(JSON_PACKAGE_SIZE, -1L).let {
+                    if (it < 0L) null else it
+                },
                 sha256 = jsonApkSplit.getString(JSON_PACKAGE_SHA256)
             )
             splits.add(apkSplit)

app/src/main/java/com/stevesoltys/seedvault/metadata/MetadataWriter.kt

@@ -1,38 +1,23 @@
+/*
+ * SPDX-FileCopyrightText: 2020 The Calyx Institute
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
 package com.stevesoltys.seedvault.metadata
 
 import com.stevesoltys.seedvault.Utf8
-import com.stevesoltys.seedvault.crypto.Crypto
 import com.stevesoltys.seedvault.metadata.PackageState.APK_AND_DATA
-import org.json.JSONArray
 import org.json.JSONObject
-import java.io.IOException
-import java.io.OutputStream
 
 interface MetadataWriter {
-    @Throws(IOException::class)
-    fun write(metadata: BackupMetadata, outputStream: OutputStream)
-
     fun encode(metadata: BackupMetadata): ByteArray
 }
 
-internal class MetadataWriterImpl(private val crypto: Crypto) : MetadataWriter {
-
-    @Throws(IOException::class)
-    override fun write(metadata: BackupMetadata, outputStream: OutputStream) {
-        outputStream.write(ByteArray(1).apply { this[0] = metadata.version })
-        crypto.encryptMultipleSegments(outputStream, encode(metadata))
-    }
+internal class MetadataWriterImpl : MetadataWriter {
 
     override fun encode(metadata: BackupMetadata): ByteArray {
         val json = JSONObject().apply {
-            put(JSON_METADATA, JSONObject().apply {
-                put(JSON_METADATA_VERSION, metadata.version.toInt())
-                put(JSON_METADATA_TOKEN, metadata.token)
-                put(JSON_METADATA_TIME, metadata.time)
-                put(JSON_METADATA_SDK_INT, metadata.androidVersion)
-                put(JSON_METADATA_INCREMENTAL, metadata.androidIncremental)
-                put(JSON_METADATA_NAME, metadata.deviceName)
-            })
+            put(JSON_METADATA, JSONObject())
         }
         for ((packageName, packageMetadata) in metadata.packageMetadataMap) {
             json.put(packageName, JSONObject().apply {
@@ -40,24 +25,16 @@ internal class MetadataWriterImpl(private val crypto: Crypto) : MetadataWriter {
                 if (packageMetadata.state != APK_AND_DATA) {
                     put(JSON_PACKAGE_STATE, packageMetadata.state.name)
                 }
-                if (packageMetadata.system) {
-                    put(JSON_PACKAGE_SYSTEM, packageMetadata.system)
+                // We can't require a backup type in metadata at this point,
+                // only when version > 0 and we have actual restore data
+                if (packageMetadata.backupType != null) {
+                    put(JSON_PACKAGE_BACKUP_TYPE, packageMetadata.backupType!!.name)
                 }
-                packageMetadata.version?.let { put(JSON_PACKAGE_VERSION, it) }
-                packageMetadata.installer?.let { put(JSON_PACKAGE_INSTALLER, it) }
-                packageMetadata.splits?.let { splits ->
-                    put(JSON_PACKAGE_SPLITS, JSONArray().apply {
-                        for (split in splits) put(JSONObject().apply {
-                            put(JSON_PACKAGE_SPLIT_NAME, split.name)
-                            put(JSON_PACKAGE_SHA256, split.sha256)
-                        })
-                    })
+                if (packageMetadata.size != null) {
+                    put(JSON_PACKAGE_SIZE, packageMetadata.size)
                 }
-                packageMetadata.sha256?.let { put(JSON_PACKAGE_SHA256, it) }
-                packageMetadata.signatures?.let { put(JSON_PACKAGE_SIGNATURES, JSONArray(it)) }
             })
         }
         return json.toString().toByteArray(Utf8)
     }
-
 }

app/src/main/java/com/stevesoltys/seedvault/plugins/saf/DocumentsProviderBackupPlugin.kt

@@ -1,71 +0,0 @@
-package com.stevesoltys.seedvault.plugins.saf
-
-import android.content.Context
-import android.content.pm.PackageInfo
-import android.content.pm.PackageManager
-import com.stevesoltys.seedvault.transport.backup.BackupPlugin
-import com.stevesoltys.seedvault.transport.backup.FullBackupPlugin
-import com.stevesoltys.seedvault.transport.backup.KVBackupPlugin
-import java.io.IOException
-import java.io.OutputStream
-
-private const val MIME_TYPE_APK = "application/vnd.android.package-archive"
-
-@Suppress("BlockingMethodInNonBlockingContext")
-internal class DocumentsProviderBackupPlugin(
-    private val context: Context,
-    private val storage: DocumentsStorage,
-    override val kvBackupPlugin: KVBackupPlugin,
-    override val fullBackupPlugin: FullBackupPlugin
-) : BackupPlugin {
-
-    private val packageManager: PackageManager = context.packageManager
-
-    @Throws(IOException::class)
-    override suspend fun startNewRestoreSet(token: Long) {
-        // reset current storage
-        storage.reset(token)
-
-        // get or create root backup dir
-        storage.rootBackupDir ?: throw IOException()
-    }
-
-    @Throws(IOException::class)
-    override suspend fun initializeDevice() {
-        // wipe existing data
-        storage.getSetDir()?.deleteContents(context)
-
-        // reset storage without new token, so folders get recreated
-        // otherwise stale DocumentFiles will hang around
-        storage.reset(null)
-
-        // create backup folders
-        storage.currentKvBackupDir ?: throw IOException()
-        storage.currentFullBackupDir ?: throw IOException()
-    }
-
-    @Throws(IOException::class)
-    override suspend fun getMetadataOutputStream(): OutputStream {
-        val setDir = storage.getSetDir() ?: throw IOException()
-        val metadataFile = setDir.createOrGetFile(context, FILE_BACKUP_METADATA)
-        return storage.getOutputStream(metadataFile)
-    }
-
-    @Throws(IOException::class)
-    override suspend fun getApkOutputStream(
-        packageInfo: PackageInfo,
-        suffix: String
-    ): OutputStream {
-        val setDir = storage.getSetDir() ?: throw IOException()
-        val name = "${packageInfo.packageName}$suffix.apk"
-        val file = setDir.createOrGetFile(context, name, MIME_TYPE_APK)
-        return storage.getOutputStream(file)
-    }
-
-    override val providerPackageName: String? by lazy {
-        val authority = storage.getAuthority() ?: return@lazy null
-        val providerInfo = packageManager.resolveContentProvider(authority, 0) ?: return@lazy null
-        providerInfo.packageName
-    }
-
-}