diff options
author | Fup Duck <fupduck@sacknagel.com> | 2018-02-12 13:35:16 +0100 |
---|---|---|
committer | Fup Duck <fupduck@sacknagel.com> | 2018-02-12 13:36:25 +0100 |
commit | 24788afa45ff46616b41626e7607d4461ab77387 (patch) | |
tree | d75d428ffe3e77f55d3723a0682a5fb5b7b0c9df | |
parent | e9d3260f6439c4b00c6708658d6edd61a246ea67 (diff) |
8827 - remove caCertificate from Provider
It's already represented by CertificatePin & CertificatePinEncoding
3 files changed, 4 insertions, 41 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java index ba078701..7b2accd6 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java @@ -280,7 +280,6 @@ public class ConfigHelper { provider.setMainUrl(new URL(preferences.getString(Provider.MAIN_URL, ""))); provider.define(new JSONObject(preferences.getString(Provider.KEY, ""))); provider.setCaCert(preferences.getString(Provider.CA_CERT, "")); - provider.setCaCertFingerprint(preferences.getString(Provider.CA_CERT_FINGERPRINT, "")); provider.setVpnCertificate(preferences.getString(PROVIDER_VPN_CERTIFICATE, "")); provider.setPrivateKey(preferences.getString(PROVIDER_PRIVATE_KEY, "")); } catch (MalformedURLException | JSONException e) { diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index 7aa2f398..a2f50dd9 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -45,7 +45,6 @@ public final class Provider implements Parcelable { private String certificatePin = ""; private String certificatePinEncoding = ""; private String caCert = ""; - private String caCertFingerprint = ""; private String apiVersion = ""; private String privateKey = ""; private String vpnCertificate = ""; @@ -191,12 +190,6 @@ public final class Provider implements Parcelable { return apiVersion; } - protected String certificatePin() { return certificatePin; } - - protected boolean hasCertificatePin() { - return certificatePin != null && !certificatePin.isEmpty(); - } - boolean hasCaCert() { return caCert != null && !caCert.isEmpty(); } @@ -210,10 +203,6 @@ public final class Provider implements Parcelable { return caCert; } - public String getCaCertFingerprint() { - return caCertFingerprint; - } - public String getName() { // Should we pass the locale in, or query the system here? String lang = Locale.getDefault().getLanguage(); @@ -276,7 +265,6 @@ public final class Provider implements Parcelable { parcel.writeString(getMainUrlString()); parcel.writeString(getDefinitionString()); parcel.writeString(getCaCert()); - parcel.writeString(getCaCertFingerprint()); parcel.writeString(getEipServiceJsonString()); parcel.writeString(getPrivateKey()); parcel.writeString(getVpnCertificate()); @@ -294,7 +282,6 @@ public final class Provider implements Parcelable { certificatePin.equals(p.getCertificatePin()) && certificatePinEncoding.equals(p.getCertificatePinEncoding()) && caCert.equals(p.getCaCert()) && - caCertFingerprint.equals(p.getCaCertFingerprint()) && apiVersion.equals(p.getApiVersion()) && privateKey.equals(p.getPrivateKey()) && vpnCertificate.equals(p.getVpnCertificate()) && @@ -341,10 +328,6 @@ public final class Provider implements Parcelable { } tmpString = in.readString(); if (!tmpString.isEmpty()) { - this.caCertFingerprint = tmpString; - } - tmpString = in.readString(); - if (!tmpString.isEmpty()) { this.setEipServiceJson(new JSONObject(tmpString)); } tmpString = in.readString(); @@ -378,10 +361,6 @@ public final class Provider implements Parcelable { this.caCert = cert; } - public void setCaCertFingerprint(String certFingerprint) { - this.caCertFingerprint = certFingerprint; - } - public boolean allowsAnonymous() { return allowAnonymous; } @@ -451,7 +430,6 @@ public final class Provider implements Parcelable { certificatePin = ""; certificatePinEncoding = ""; caCert = ""; - caCertFingerprint = ""; apiVersion = ""; privateKey = ""; vpnCertificate = ""; diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java b/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java index f4fee635..505ee55b 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java @@ -683,7 +683,6 @@ public abstract class ProviderApiManagerBase { result.putBoolean(BROADCAST_RESULT_KEY, false); String caCert = provider.getCaCert(); - JSONObject providerDefinition = provider.getDefinition(); if (ConfigHelper.checkErroneousDownload(caCert)) { return result; @@ -695,15 +694,15 @@ public abstract class ProviderApiManagerBase { } try { certificate.checkValidity(); - String fingerprint = getCaCertFingerprint(providerDefinition); - String encoding = fingerprint.split(":")[0]; - String expectedFingerprint = fingerprint.split(":")[1]; + String encoding = provider.getCertificatePinEncoding(); + String expectedFingerprint = provider.getCertificatePin(); + String realFingerprint = getFingerprintFromCertificate(certificate, encoding); if (!realFingerprint.trim().equalsIgnoreCase(expectedFingerprint.trim())) { return setErrorResult(result, warning_corrupted_provider_cert, ERROR_CERTIFICATE_PINNING.toString()); } - if (!canConnect(caCert, providerDefinition, result)) { + if (!canConnect(caCert, provider.getDefinition(), result)) { return result; } } catch (NoSuchAlgorithmException e ) { @@ -730,15 +729,6 @@ public abstract class ProviderApiManagerBase { return result; } - protected String getCaCertFingerprint(JSONObject providerDefinition) { - try { - return providerDefinition.getString(Provider.CA_CERT_FINGERPRINT); - } catch (JSONException e) { - e.printStackTrace(); - } - return ""; - } - protected String getApiUrl(JSONObject providerDefinition) { try { return providerDefinition.getString(Provider.API_URL); @@ -748,10 +738,6 @@ public abstract class ProviderApiManagerBase { return ""; } - protected String getPersistedCaCertFingerprint(String providerDomain) { - return ConfigHelper.getFromPersistedProvider(Provider.CA_CERT_FINGERPRINT, providerDomain, preferences); - } - protected String getPersistedPrivateKey(String providerDomain) { return ConfigHelper.getFromPersistedProvider(PROVIDER_PRIVATE_KEY, providerDomain, preferences); } |