summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFup Duck <fupduck@sacknagel.com>2018-02-12 13:35:16 +0100
committerFup Duck <fupduck@sacknagel.com>2018-02-12 13:36:25 +0100
commit24788afa45ff46616b41626e7607d4461ab77387 (patch)
treed75d428ffe3e77f55d3723a0682a5fb5b7b0c9df
parente9d3260f6439c4b00c6708658d6edd61a246ea67 (diff)
8827 - remove caCertificate from Provider
It's already represented by CertificatePin & CertificatePinEncoding
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java1
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/Provider.java22
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java22
3 files changed, 4 insertions, 41 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java
index ba078701..7b2accd6 100644
--- a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java
+++ b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java
@@ -280,7 +280,6 @@ public class ConfigHelper {
provider.setMainUrl(new URL(preferences.getString(Provider.MAIN_URL, "")));
provider.define(new JSONObject(preferences.getString(Provider.KEY, "")));
provider.setCaCert(preferences.getString(Provider.CA_CERT, ""));
- provider.setCaCertFingerprint(preferences.getString(Provider.CA_CERT_FINGERPRINT, ""));
provider.setVpnCertificate(preferences.getString(PROVIDER_VPN_CERTIFICATE, ""));
provider.setPrivateKey(preferences.getString(PROVIDER_PRIVATE_KEY, ""));
} catch (MalformedURLException | JSONException e) {
diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java
index 7aa2f398..a2f50dd9 100644
--- a/app/src/main/java/se/leap/bitmaskclient/Provider.java
+++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java
@@ -45,7 +45,6 @@ public final class Provider implements Parcelable {
private String certificatePin = "";
private String certificatePinEncoding = "";
private String caCert = "";
- private String caCertFingerprint = "";
private String apiVersion = "";
private String privateKey = "";
private String vpnCertificate = "";
@@ -191,12 +190,6 @@ public final class Provider implements Parcelable {
return apiVersion;
}
- protected String certificatePin() { return certificatePin; }
-
- protected boolean hasCertificatePin() {
- return certificatePin != null && !certificatePin.isEmpty();
- }
-
boolean hasCaCert() {
return caCert != null && !caCert.isEmpty();
}
@@ -210,10 +203,6 @@ public final class Provider implements Parcelable {
return caCert;
}
- public String getCaCertFingerprint() {
- return caCertFingerprint;
- }
-
public String getName() {
// Should we pass the locale in, or query the system here?
String lang = Locale.getDefault().getLanguage();
@@ -276,7 +265,6 @@ public final class Provider implements Parcelable {
parcel.writeString(getMainUrlString());
parcel.writeString(getDefinitionString());
parcel.writeString(getCaCert());
- parcel.writeString(getCaCertFingerprint());
parcel.writeString(getEipServiceJsonString());
parcel.writeString(getPrivateKey());
parcel.writeString(getVpnCertificate());
@@ -294,7 +282,6 @@ public final class Provider implements Parcelable {
certificatePin.equals(p.getCertificatePin()) &&
certificatePinEncoding.equals(p.getCertificatePinEncoding()) &&
caCert.equals(p.getCaCert()) &&
- caCertFingerprint.equals(p.getCaCertFingerprint()) &&
apiVersion.equals(p.getApiVersion()) &&
privateKey.equals(p.getPrivateKey()) &&
vpnCertificate.equals(p.getVpnCertificate()) &&
@@ -341,10 +328,6 @@ public final class Provider implements Parcelable {
}
tmpString = in.readString();
if (!tmpString.isEmpty()) {
- this.caCertFingerprint = tmpString;
- }
- tmpString = in.readString();
- if (!tmpString.isEmpty()) {
this.setEipServiceJson(new JSONObject(tmpString));
}
tmpString = in.readString();
@@ -378,10 +361,6 @@ public final class Provider implements Parcelable {
this.caCert = cert;
}
- public void setCaCertFingerprint(String certFingerprint) {
- this.caCertFingerprint = certFingerprint;
- }
-
public boolean allowsAnonymous() {
return allowAnonymous;
}
@@ -451,7 +430,6 @@ public final class Provider implements Parcelable {
certificatePin = "";
certificatePinEncoding = "";
caCert = "";
- caCertFingerprint = "";
apiVersion = "";
privateKey = "";
vpnCertificate = "";
diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java b/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java
index f4fee635..505ee55b 100644
--- a/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java
+++ b/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java
@@ -683,7 +683,6 @@ public abstract class ProviderApiManagerBase {
result.putBoolean(BROADCAST_RESULT_KEY, false);
String caCert = provider.getCaCert();
- JSONObject providerDefinition = provider.getDefinition();
if (ConfigHelper.checkErroneousDownload(caCert)) {
return result;
@@ -695,15 +694,15 @@ public abstract class ProviderApiManagerBase {
}
try {
certificate.checkValidity();
- String fingerprint = getCaCertFingerprint(providerDefinition);
- String encoding = fingerprint.split(":")[0];
- String expectedFingerprint = fingerprint.split(":")[1];
+ String encoding = provider.getCertificatePinEncoding();
+ String expectedFingerprint = provider.getCertificatePin();
+
String realFingerprint = getFingerprintFromCertificate(certificate, encoding);
if (!realFingerprint.trim().equalsIgnoreCase(expectedFingerprint.trim())) {
return setErrorResult(result, warning_corrupted_provider_cert, ERROR_CERTIFICATE_PINNING.toString());
}
- if (!canConnect(caCert, providerDefinition, result)) {
+ if (!canConnect(caCert, provider.getDefinition(), result)) {
return result;
}
} catch (NoSuchAlgorithmException e ) {
@@ -730,15 +729,6 @@ public abstract class ProviderApiManagerBase {
return result;
}
- protected String getCaCertFingerprint(JSONObject providerDefinition) {
- try {
- return providerDefinition.getString(Provider.CA_CERT_FINGERPRINT);
- } catch (JSONException e) {
- e.printStackTrace();
- }
- return "";
- }
-
protected String getApiUrl(JSONObject providerDefinition) {
try {
return providerDefinition.getString(Provider.API_URL);
@@ -748,10 +738,6 @@ public abstract class ProviderApiManagerBase {
return "";
}
- protected String getPersistedCaCertFingerprint(String providerDomain) {
- return ConfigHelper.getFromPersistedProvider(Provider.CA_CERT_FINGERPRINT, providerDomain, preferences);
- }
-
protected String getPersistedPrivateKey(String providerDomain) {
return ConfigHelper.getFromPersistedProvider(PROVIDER_PRIVATE_KEY, providerDomain, preferences);
}