8827 - remove caCertificate from Provider

It's already represented by CertificatePin & CertificatePinEncoding
author: Fup Duck <fupduck@sacknagel.com> 2018-02-12 13:35:16 +0100
committer: Fup Duck <fupduck@sacknagel.com> 2018-02-12 13:36:25 +0100
commit: 24788afa45ff46616b41626e7607d4461ab77387 (patch)
tree: d75d428ffe3e77f55d3723a0682a5fb5b7b0c9df
parent: e9d3260f6439c4b00c6708658d6edd61a246ea67 (diff)
3 files changed, 4 insertions, 41 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java
index ba078701..7b2accd6 100644
--- a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java
+++ b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java
@@ -280,7 +280,6 @@ public class ConfigHelper {
             provider.setMainUrl(new URL(preferences.getString(Provider.MAIN_URL, "")));
             provider.define(new JSONObject(preferences.getString(Provider.KEY, "")));
             provider.setCaCert(preferences.getString(Provider.CA_CERT, ""));
-            provider.setCaCertFingerprint(preferences.getString(Provider.CA_CERT_FINGERPRINT, ""));
             provider.setVpnCertificate(preferences.getString(PROVIDER_VPN_CERTIFICATE, ""));
             provider.setPrivateKey(preferences.getString(PROVIDER_PRIVATE_KEY, ""));
         } catch (MalformedURLException | JSONException e) {
diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java
index 7aa2f398..a2f50dd9 100644
--- a/app/src/main/java/se/leap/bitmaskclient/Provider.java
+++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java
@@ -45,7 +45,6 @@ public final class Provider implements Parcelable {
     private String certificatePin = "";
     private String certificatePinEncoding = "";
     private String caCert = "";
-    private String caCertFingerprint = "";
     private String apiVersion = "";
     private String privateKey = "";
     private String vpnCertificate = "";
@@ -191,12 +190,6 @@ public final class Provider implements Parcelable {
         return apiVersion;
     }
 
-    protected String certificatePin() { return certificatePin; }
-
-    protected boolean hasCertificatePin() {
-        return certificatePin != null && !certificatePin.isEmpty();
-    }
-
     boolean hasCaCert() {
         return caCert != null && !caCert.isEmpty();
     }
@@ -210,10 +203,6 @@ public final class Provider implements Parcelable {
         return caCert;
     }
 
-    public String getCaCertFingerprint() {
-        return caCertFingerprint;
-    }
-
     public String getName() {
         // Should we pass the locale in, or query the system here?
         String lang = Locale.getDefault().getLanguage();
@@ -276,7 +265,6 @@ public final class Provider implements Parcelable {
         parcel.writeString(getMainUrlString());
         parcel.writeString(getDefinitionString());
         parcel.writeString(getCaCert());
-        parcel.writeString(getCaCertFingerprint());
         parcel.writeString(getEipServiceJsonString());
         parcel.writeString(getPrivateKey());
         parcel.writeString(getVpnCertificate());
@@ -294,7 +282,6 @@ public final class Provider implements Parcelable {
             certificatePin.equals(p.getCertificatePin()) &&
             certificatePinEncoding.equals(p.getCertificatePinEncoding()) &&
             caCert.equals(p.getCaCert()) &&
-            caCertFingerprint.equals(p.getCaCertFingerprint()) &&
             apiVersion.equals(p.getApiVersion()) &&
             privateKey.equals(p.getPrivateKey()) &&
             vpnCertificate.equals(p.getVpnCertificate()) &&
@@ -341,10 +328,6 @@ public final class Provider implements Parcelable {
             }
             tmpString = in.readString();
             if (!tmpString.isEmpty()) {
-               this.caCertFingerprint = tmpString;
-            }
-            tmpString = in.readString();
-            if (!tmpString.isEmpty()) {
                 this.setEipServiceJson(new JSONObject(tmpString));
             }
             tmpString = in.readString();
@@ -378,10 +361,6 @@ public final class Provider implements Parcelable {
         this.caCert = cert;
     }
 
-    public void setCaCertFingerprint(String certFingerprint) {
-        this.caCertFingerprint = certFingerprint;
-    }
-
     public boolean allowsAnonymous() {
         return allowAnonymous;
     }
@@ -451,7 +430,6 @@ public final class Provider implements Parcelable {
         certificatePin = "";
         certificatePinEncoding = "";
         caCert = "";
-        caCertFingerprint = "";
         apiVersion = "";
         privateKey = "";
         vpnCertificate = "";
diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java b/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java
index f4fee635..505ee55b 100644
--- a/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java
+++ b/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java
@@ -683,7 +683,6 @@ public abstract class ProviderApiManagerBase {
         result.putBoolean(BROADCAST_RESULT_KEY, false);
 
         String caCert = provider.getCaCert();
-        JSONObject providerDefinition = provider.getDefinition();
 
         if (ConfigHelper.checkErroneousDownload(caCert)) {
             return result;
@@ -695,15 +694,15 @@ public abstract class ProviderApiManagerBase {
         }
         try {
             certificate.checkValidity();
-            String fingerprint = getCaCertFingerprint(providerDefinition);
-            String encoding = fingerprint.split(":")[0];
-            String expectedFingerprint = fingerprint.split(":")[1];
+            String encoding = provider.getCertificatePinEncoding();
+            String expectedFingerprint = provider.getCertificatePin();
+
             String realFingerprint = getFingerprintFromCertificate(certificate, encoding);
             if (!realFingerprint.trim().equalsIgnoreCase(expectedFingerprint.trim())) {
                 return setErrorResult(result, warning_corrupted_provider_cert, ERROR_CERTIFICATE_PINNING.toString());
             }
 
-            if (!canConnect(caCert, providerDefinition, result)) {
+            if (!canConnect(caCert, provider.getDefinition(), result)) {
                 return result;
             }
         } catch (NoSuchAlgorithmException e ) {
@@ -730,15 +729,6 @@ public abstract class ProviderApiManagerBase {
         return result;
     }
 
-    protected String getCaCertFingerprint(JSONObject providerDefinition) {
-        try {
-            return providerDefinition.getString(Provider.CA_CERT_FINGERPRINT);
-        } catch (JSONException e) {
-            e.printStackTrace();
-        }
-        return "";
-    }
-
     protected String getApiUrl(JSONObject providerDefinition) {
         try {
             return providerDefinition.getString(Provider.API_URL);
@@ -748,10 +738,6 @@ public abstract class ProviderApiManagerBase {
         return "";
     }
 
-    protected String getPersistedCaCertFingerprint(String providerDomain) {
-         return ConfigHelper.getFromPersistedProvider(Provider.CA_CERT_FINGERPRINT, providerDomain, preferences);
-    }
-
     protected String getPersistedPrivateKey(String providerDomain) {
         return ConfigHelper.getFromPersistedProvider(PROVIDER_PRIVATE_KEY, providerDomain, preferences);
     }
author	Fup Duck <fupduck@sacknagel.com>	2018-02-12 13:35:16 +0100
committer	Fup Duck <fupduck@sacknagel.com>	2018-02-12 13:36:25 +0100
commit	24788afa45ff46616b41626e7607d4461ab77387 (patch)
tree	d75d428ffe3e77f55d3723a0682a5fb5b7b0c9df
parent	e9d3260f6439c4b00c6708658d6edd61a246ea67 (diff)