Merge branch 'certificate_transition' into 'master'

Certificate transition See merge request leap/bitmask_android!155
author: cyberta <cyberta@riseup.net> 2021-12-20 22:12:06 +0000
committer: cyberta <cyberta@riseup.net> 2021-12-20 22:12:06 +0000
commit: f6cc3e6ad236c3923b398b2ceae9bf2b472dc43a (patch)
tree: 452e8750878c43aea287644c1750f1642c707f91 /app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java
parent: f459db047966a21d80b4e039429419c5091c1eeb (diff)
parent: d5e64c8c71f188df4e25715231179c979e8ab7a9 (diff)
1 files changed, 16 insertions, 4 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java
index c747b731..16d1c5ad 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java
@@ -16,9 +16,12 @@
  */
 package se.leap.bitmaskclient.eip;
 
+import androidx.annotation.VisibleForTesting;
+
 import java.security.cert.CertificateExpiredException;
 import java.security.cert.CertificateNotYetValidException;
 import java.security.cert.X509Certificate;
+import java.util.ArrayList;
 import java.util.Calendar;
 import java.util.Date;
 
@@ -27,7 +30,7 @@ import se.leap.bitmaskclient.base.utils.ConfigHelper;
 public class VpnCertificateValidator {
     public final static String TAG = VpnCertificateValidator.class.getSimpleName();
 
-    private String certificate;
+    private final String certificate;
     private CalendarProviderInterface calendarProvider;
 
     public VpnCertificateValidator(String certificate) {
@@ -35,21 +38,30 @@ public class VpnCertificateValidator {
         this.calendarProvider = new CalendarProvider();
     }
 
+    @VisibleForTesting
     public void setCalendarProvider(CalendarProviderInterface calendarProvider) {
         this.calendarProvider = calendarProvider;
     }
 
     /**
      *
-     * @return true if there's a certificate that is valid for more than 15 more days
+     * @return true if all certificates are valid for more than 15 more days
      */
     public boolean isValid() {
         if (certificate.isEmpty()) {
             return false;
         }
 
-        X509Certificate x509Certificate = ConfigHelper.parseX509CertificateFromString(certificate);
-        return isValid(x509Certificate);
+        ArrayList<X509Certificate> x509Certificates = ConfigHelper.parseX509CertificatesFromString(certificate);
+        if (x509Certificates == null) {
+            return false;
+        }
+        for (X509Certificate cert : x509Certificates) {
+            if (!isValid(cert)) {
+                return false;
+            }
+        }
+        return true;
     }
author	cyberta <cyberta@riseup.net>	2021-12-20 22:12:06 +0000
committer	cyberta <cyberta@riseup.net>	2021-12-20 22:12:06 +0000
commit	f6cc3e6ad236c3923b398b2ceae9bf2b472dc43a (patch)
tree	452e8750878c43aea287644c1750f1642c707f91 /app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java
parent	f459db047966a21d80b4e039429419c5091c1eeb (diff)
parent	d5e64c8c71f188df4e25715231179c979e8ab7a9 (diff)