diff options
author | Parménides GV <parmegv@sdf.org> | 2015-03-27 13:41:23 +0100 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2015-03-27 13:41:23 +0100 |
commit | 88fd90e85c8aa584520ad67978e1ed4c419e2fd9 (patch) | |
tree | 4f559d0e698d3365cfcaafdb488101dee3ffcd8d /app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java | |
parent | ea748b512ecb4eaff6ad7e212d9356a1caf7ed98 (diff) | |
parent | 8cd10bcac50a7e76085d5d7384dc8910a80e44c6 (diff) |
Merge branch 'develop' into release-0.9.3
Diffstat (limited to 'app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java')
-rw-r--r-- | app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java | 54 |
1 files changed, 24 insertions, 30 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java index 0bbe9db4..8fce6a37 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java @@ -1,6 +1,6 @@ /** * Copyright (c) 2013 LEAP Encryption Access Project and contributers - * + * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or @@ -16,14 +16,10 @@ */ package se.leap.bitmaskclient.eip; -import android.util.Log; - -import java.security.cert.CertificateExpiredException; -import java.security.cert.CertificateNotYetValidException; -import java.security.cert.X509Certificate; -import java.util.Calendar; +import java.security.cert.*; +import java.util.*; -import se.leap.bitmaskclient.ConfigHelper; +import se.leap.bitmaskclient.*; public class VpnCertificateValidator { public final static String TAG = VpnCertificateValidator.class.getSimpleName(); @@ -35,32 +31,30 @@ public class VpnCertificateValidator { } public boolean isValid() { - if(!certificate.isEmpty()) { - X509Certificate certificate_x509 = ConfigHelper.parseX509CertificateFromString(certificate); - return isValid(certificate_x509); - } else return true; + if (!certificate.isEmpty()) { + X509Certificate certificate_x509 = ConfigHelper.parseX509CertificateFromString(certificate); + return isValid(certificate_x509); + } else return true; } - + private boolean isValid(X509Certificate certificate) { - Calendar offset_date = calculateOffsetCertificateValidity(certificate); - try { - Log.d(TAG, "offset_date = " + offset_date.getTime().toString()); - certificate.checkValidity(offset_date.getTime()); - return true; - } catch(CertificateExpiredException e) { - return false; - } catch(CertificateNotYetValidException e) { - return false; - } + Calendar offset_date = calculateOffsetCertificateValidity(certificate); + try { + certificate.checkValidity(offset_date.getTime()); + return true; + } catch (CertificateExpiredException e) { + return false; + } catch (CertificateNotYetValidException e) { + return false; + } } private Calendar calculateOffsetCertificateValidity(X509Certificate certificate) { - Log.d(TAG, "certificate not after = " + certificate.getNotAfter()); - long preventive_time = Math.abs(certificate.getNotBefore().getTime() - certificate.getNotAfter().getTime())/2; - long current_date_millis = Calendar.getInstance().getTimeInMillis(); - - Calendar limit_date = Calendar.getInstance(); - limit_date.setTimeInMillis(current_date_millis + preventive_time); - return limit_date; + long preventive_time = Math.abs(certificate.getNotBefore().getTime() - certificate.getNotAfter().getTime()) / 2; + long current_date_millis = Calendar.getInstance().getTimeInMillis(); + + Calendar limit_date = Calendar.getInstance(); + limit_date.setTimeInMillis(current_date_millis + preventive_time); + return limit_date; } } |