diff options
author | cyBerta <cyberta@riseup.net> | 2021-12-16 23:45:41 +0100 |
---|---|---|
committer | cyBerta <cyberta@riseup.net> | 2021-12-17 01:09:57 +0100 |
commit | 8411cd82c0572e0e871c1cf93e0d4c05b35fb999 (patch) | |
tree | cb659af65a1b3baef5285a395c3cdfa2251c8187 /app/src/main/java/se/leap/bitmaskclient/providersetup/connectivity/TLSCompatSocketFactory.java | |
parent | 8e5ce3e312f03035314b6ab036c625f83a515fc7 (diff) |
allow to parse and handle multiple certs in a pem file
Diffstat (limited to 'app/src/main/java/se/leap/bitmaskclient/providersetup/connectivity/TLSCompatSocketFactory.java')
-rw-r--r-- | app/src/main/java/se/leap/bitmaskclient/providersetup/connectivity/TLSCompatSocketFactory.java | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/providersetup/connectivity/TLSCompatSocketFactory.java b/app/src/main/java/se/leap/bitmaskclient/providersetup/connectivity/TLSCompatSocketFactory.java index 5357fd74..cc68b5a8 100644 --- a/app/src/main/java/se/leap/bitmaskclient/providersetup/connectivity/TLSCompatSocketFactory.java +++ b/app/src/main/java/se/leap/bitmaskclient/providersetup/connectivity/TLSCompatSocketFactory.java @@ -12,6 +12,8 @@ import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.ArrayList; import java.util.Arrays; import javax.net.ssl.SSLContext; @@ -55,8 +57,12 @@ public class TLSCompatSocketFactory extends SSLSocketFactory { KeyStore keyStore = KeyStore.getInstance(defaultType); keyStore.load(null, null); if (!TextUtils.isEmpty(trustedSelfSignedCaCert)) { - java.security.cert.Certificate provider_certificate = ConfigHelper.parseX509CertificateFromString(trustedSelfSignedCaCert); - keyStore.setCertificateEntry("provider_ca_certificate", provider_certificate); + ArrayList<X509Certificate> x509Certificates = ConfigHelper.parseX509CertificatesFromString(trustedSelfSignedCaCert); + if (x509Certificates != null) { + for (int i = 0; i < x509Certificates.size(); i++) { + keyStore.setCertificateEntry("provider_ca_certificate"+i, x509Certificates.get(i)); + } + } } // Create a TrustManager that trusts the CAs in our KeyStore |