summaryrefslogtreecommitdiff
path: root/app/src/main/java/se/leap/bitmaskclient/eip
diff options
context:
space:
mode:
authorcyBerta <cyberta@riseup.net>2021-12-16 23:45:41 +0100
committercyBerta <cyberta@riseup.net>2021-12-17 01:09:57 +0100
commit8411cd82c0572e0e871c1cf93e0d4c05b35fb999 (patch)
treecb659af65a1b3baef5285a395c3cdfa2251c8187 /app/src/main/java/se/leap/bitmaskclient/eip
parent8e5ce3e312f03035314b6ab036c625f83a515fc7 (diff)
allow to parse and handle multiple certs in a pem file
Diffstat (limited to 'app/src/main/java/se/leap/bitmaskclient/eip')
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java20
1 files changed, 16 insertions, 4 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java
index c747b731..16d1c5ad 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java
@@ -16,9 +16,12 @@
*/
package se.leap.bitmaskclient.eip;
+import androidx.annotation.VisibleForTesting;
+
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
+import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
@@ -27,7 +30,7 @@ import se.leap.bitmaskclient.base.utils.ConfigHelper;
public class VpnCertificateValidator {
public final static String TAG = VpnCertificateValidator.class.getSimpleName();
- private String certificate;
+ private final String certificate;
private CalendarProviderInterface calendarProvider;
public VpnCertificateValidator(String certificate) {
@@ -35,21 +38,30 @@ public class VpnCertificateValidator {
this.calendarProvider = new CalendarProvider();
}
+ @VisibleForTesting
public void setCalendarProvider(CalendarProviderInterface calendarProvider) {
this.calendarProvider = calendarProvider;
}
/**
*
- * @return true if there's a certificate that is valid for more than 15 more days
+ * @return true if all certificates are valid for more than 15 more days
*/
public boolean isValid() {
if (certificate.isEmpty()) {
return false;
}
- X509Certificate x509Certificate = ConfigHelper.parseX509CertificateFromString(certificate);
- return isValid(x509Certificate);
+ ArrayList<X509Certificate> x509Certificates = ConfigHelper.parseX509CertificatesFromString(certificate);
+ if (x509Certificates == null) {
+ return false;
+ }
+ for (X509Certificate cert : x509Certificates) {
+ if (!isValid(cert)) {
+ return false;
+ }
+ }
+ return true;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-06 10:12:24 +0000