summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorcyberta <cyberta@riseup.net>2022-07-18 21:57:07 +0000
committercyberta <cyberta@riseup.net>2022-07-18 21:57:07 +0000
commitabd8c8d06f01cc5b794a18779c2ea36b9317b4e3 (patch)
tree3bf4274594bc45c879093adbab58c2ec7a142146 /app
parentf90e72fb3e90d561a433278f251ee27297b42001 (diff)
parent6ad47f6665312cfbc5c9b9e9bae1088d91b8dc99 (diff)
Merge branch 'eip-service.json_updates' into 'master'
Fix auto-check issues after successful connection attempt Closes #9093 See merge request leap/bitmask_android!197
Diffstat (limited to 'app')
-rw-r--r--app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/DownloadNotificationManager.java1
-rw-r--r--app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/DownloadServiceCommand.java29
-rw-r--r--app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/UpdateDownloadManager.java11
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java10
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/eip/EIP.java19
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/eip/EipSetupObserver.java16
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java27
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderAPI.java9
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java21
-rw-r--r--app/src/notFatweb/java/se/leap/bitmaskclient/appUpdate/DownloadServiceCommand.java8
-rw-r--r--app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java47
-rw-r--r--app/src/test/java/se/leap/bitmaskclient/eip/VpnCertificateValidatorTest.java30
-rw-r--r--app/src/test/resources/v4/riseup.net.cert94
13 files changed, 234 insertions, 88 deletions
diff --git a/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/DownloadNotificationManager.java b/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/DownloadNotificationManager.java
index 1a88000b..336802c6 100644
--- a/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/DownloadNotificationManager.java
+++ b/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/DownloadNotificationManager.java
@@ -84,6 +84,7 @@ public class DownloadNotificationManager {
notificationBuilder
.setDefaults(Notification.DEFAULT_ALL)
.setAutoCancel(false)
+ .setNotificationSilent()
.setOngoing(true)
.setSmallIcon(android.R.drawable.stat_sys_download)
.setContentTitle(context.getString(R.string.version_update_apk_description, context.getString(R.string.app_name)))
diff --git a/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/DownloadServiceCommand.java b/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/DownloadServiceCommand.java
index 4e0d9079..41efd621 100644
--- a/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/DownloadServiceCommand.java
+++ b/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/DownloadServiceCommand.java
@@ -18,6 +18,7 @@ package se.leap.bitmaskclient.appUpdate;
import android.content.Context;
import android.content.Intent;
+import android.os.Bundle;
import android.os.ResultReceiver;
import androidx.annotation.NonNull;
@@ -31,18 +32,27 @@ public class DownloadServiceCommand {
CHECK_VERSION_FILE = "checkVersionFile",
DOWNLOAD_UPDATE = "downloadUpdate";
- private Context context;
- private String action;
- private ResultReceiver resultReceiver;
+ private final Context context;
+ private final String action;
+ private Bundle parameters;
+ private final ResultReceiver resultReceiver;
private DownloadServiceCommand(@NonNull Context context, @NonNull String action) {
- this(context.getApplicationContext(), action, null);
+ this(context.getApplicationContext(), action, null, null);
}
+ private DownloadServiceCommand(@NonNull Context context, @NonNull String action, @Nullable Bundle parameters) {
+ this(context.getApplicationContext(), action, parameters, null);
+ }
private DownloadServiceCommand(@NonNull Context context, @NonNull String action, @Nullable ResultReceiver resultReceiver) {
+ this(context.getApplicationContext(), action, null, resultReceiver);
+ }
+
+ private DownloadServiceCommand(@NonNull Context context, @NonNull String action, @Nullable Bundle parameters, @Nullable ResultReceiver resultReceiver) {
super();
this.context = context;
this.action = action;
+ this.parameters = parameters;
this.resultReceiver = resultReceiver;
}
@@ -53,6 +63,10 @@ public class DownloadServiceCommand {
if (resultReceiver != null) {
command.putExtra(ProviderAPI.RECEIVER_KEY, resultReceiver);
}
+ if (parameters == null) {
+ parameters = Bundle.EMPTY;
+ }
+ command.putExtra(ProviderAPI.PARAMETERS, parameters);
return command;
}
@@ -73,7 +87,12 @@ public class DownloadServiceCommand {
command.execute();
}
- public static void execute(Context context, String action, ResultReceiver resultReceiver) {
+ public static void execute(Context context, String action, Bundle parameters) {
+ DownloadServiceCommand command = new DownloadServiceCommand(context, action, parameters);
+ command.execute();
+ }
+
+ public static void execute(Context context, String action, Bundle parameters, ResultReceiver resultReceiver) {
DownloadServiceCommand command = new DownloadServiceCommand(context, action, resultReceiver);
command.execute();
}
diff --git a/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/UpdateDownloadManager.java b/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/UpdateDownloadManager.java
index b50c587c..109164c5 100644
--- a/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/UpdateDownloadManager.java
+++ b/app/src/fatweb/java/se.leap.bitmaskclient/appUpdate/UpdateDownloadManager.java
@@ -48,6 +48,8 @@ import static se.leap.bitmaskclient.base.models.Constants.BROADCAST_DOWNLOAD_SER
import static se.leap.bitmaskclient.base.models.Constants.BROADCAST_RESULT_CODE;
import static se.leap.bitmaskclient.base.models.Constants.BROADCAST_RESULT_KEY;
import static se.leap.bitmaskclient.base.utils.FileHelper.readPublicKey;
+import static se.leap.bitmaskclient.providersetup.ProviderAPI.DELAY;
+import static se.leap.bitmaskclient.providersetup.ProviderAPI.PARAMETERS;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.RECEIVER_KEY;
public class UpdateDownloadManager implements Logger, DownloadConnector.DownloadProgress {
@@ -93,6 +95,15 @@ public class UpdateDownloadManager implements Logger, DownloadConnector.Download
receiver = command.getParcelableExtra(RECEIVER_KEY);
}
String action = command.getAction();
+ Bundle parameters = command.getBundleExtra(PARAMETERS);
+
+ if (parameters.containsKey(DELAY)) {
+ try {
+ Thread.sleep(parameters.getLong(DELAY));
+ } catch (InterruptedException e) {
+ e.printStackTrace();
+ }
+ }
Bundle result = new Bundle();
switch (action) {
diff --git a/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java b/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java
index 974aef80..02a9694a 100644
--- a/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java
+++ b/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java
@@ -63,6 +63,7 @@ public final class Provider implements Parcelable {
private String vpnCertificate = "";
private long lastEipServiceUpdate = 0L;
private long lastGeoIpUpdate = 0L;
+ private boolean shouldUpdateVpnCertificate;
private boolean allowAnonymous;
private boolean allowRegistered;
@@ -361,6 +362,7 @@ public final class Provider implements Parcelable {
parcel.writeString(getVpnCertificate());
parcel.writeLong(lastEipServiceUpdate);
parcel.writeLong(lastGeoIpUpdate);
+ parcel.writeInt(shouldUpdateVpnCertificate ? 0 : 1);
}
@@ -407,6 +409,7 @@ public final class Provider implements Parcelable {
}
this.lastEipServiceUpdate = in.readLong();
this.lastGeoIpUpdate = in.readLong();
+ this.shouldUpdateVpnCertificate = in.readInt() == 0;
} catch (MalformedURLException | JSONException e) {
e.printStackTrace();
}
@@ -492,6 +495,13 @@ public final class Provider implements Parcelable {
return System.currentTimeMillis() - lastEipServiceUpdate >= EIP_SERVICE_TIMEOUT;
}
+ public void setShouldUpdateVpnCertificate(Boolean update) {
+ shouldUpdateVpnCertificate = update;
+ }
+
+ public boolean shouldUpdateVpnCertificate() {
+ return shouldUpdateVpnCertificate;
+ }
public void setLastGeoIpUpdate(long timestamp) {
lastGeoIpUpdate = timestamp;
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
index cf4dc9bf..46f91781 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/EIP.java
@@ -56,6 +56,7 @@ import de.blinkt.openvpn.core.VpnStatus;
import de.blinkt.openvpn.core.connection.Connection;
import se.leap.bitmaskclient.R;
import se.leap.bitmaskclient.base.OnBootReceiver;
+import se.leap.bitmaskclient.base.models.Provider;
import se.leap.bitmaskclient.base.models.ProviderObservable;
import se.leap.bitmaskclient.base.utils.PreferenceHelper;
@@ -242,6 +243,12 @@ public final class EIP extends JobIntentService implements Observer {
return;
}
+ if (shouldUpdateVPNCertificate()) {
+ Provider p = ProviderObservable.getInstance().getCurrentProvider();
+ p.setShouldUpdateVpnCertificate(true);
+ ProviderObservable.getInstance().updateProvider(p);
+ }
+
GatewaysManager gatewaysManager = new GatewaysManager(getApplicationContext());
if (gatewaysManager.isEmpty()) {
setErrorResult(result, warning_client_parsing_error_gateways, null);
@@ -267,6 +274,12 @@ public final class EIP extends JobIntentService implements Observer {
Gateway gateway = gatewaysManager.select(0);
Bundle result = new Bundle();
+ if (shouldUpdateVPNCertificate()) {
+ Provider p = ProviderObservable.getInstance().getCurrentProvider();
+ p.setShouldUpdateVpnCertificate(true);
+ ProviderObservable.getInstance().updateProvider(p);
+ }
+
launchActiveGateway(gateway, 0, result);
if (result.containsKey(BROADCAST_RESULT_KEY) && !result.getBoolean(BROADCAST_RESULT_KEY)){
VpnStatus.logWarning("ALWAYS-ON VPN: " + getString(R.string.no_vpn_profiles_defined));
@@ -415,6 +428,12 @@ public final class EIP extends JobIntentService implements Observer {
return validator.isValid();
}
+ private boolean shouldUpdateVPNCertificate() {
+ VpnCertificateValidator validator = new VpnCertificateValidator(preferences.getString(PROVIDER_VPN_CERTIFICATE, ""));
+ return validator.shouldBeUpdated();
+ }
+
+
/**
* helper function to add error to result bundle
*
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/EipSetupObserver.java b/app/src/main/java/se/leap/bitmaskclient/eip/EipSetupObserver.java
index 9d67340e..05991390 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/EipSetupObserver.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/EipSetupObserver.java
@@ -39,12 +39,14 @@ import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_PROFILE;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.CORRECTLY_DOWNLOADED_EIP_SERVICE;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.CORRECTLY_DOWNLOADED_GEOIP_JSON;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.CORRECTLY_UPDATED_INVALID_VPN_CERTIFICATE;
+import static se.leap.bitmaskclient.providersetup.ProviderAPI.DELAY;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.INCORRECTLY_DOWNLOADED_EIP_SERVICE;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.INCORRECTLY_DOWNLOADED_GEOIP_JSON;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.INCORRECTLY_DOWNLOADED_VPN_CERTIFICATE;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.INCORRECTLY_UPDATED_INVALID_VPN_CERTIFICATE;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.PROVIDER_NOK;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.PROVIDER_OK;
+import static se.leap.bitmaskclient.providersetup.ProviderAPI.QUIETLY_UPDATE_VPN_CERTIFICATE;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.TOR_EXCEPTION;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.TOR_TIMEOUT;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.UPDATE_INVALID_VPN_CERTIFICATE;
@@ -367,11 +369,21 @@ public class EipSetupObserver extends BroadcastReceiver implements VpnStatus.Sta
Provider provider = ProviderObservable.getInstance().getCurrentProvider();
if (setupNClosestGateway.get() > 0 || provider.shouldUpdateEipServiceJson()) {
//setupNClostestGateway > 0: at least one failed gateway -> did the provider change it's gateways?
- ProviderAPICommand.execute(appContext, ProviderAPI.DOWNLOAD_SERVICE_JSON, provider);
+ Bundle parameters = new Bundle();
+ parameters.putLong(DELAY, 500);
+ ProviderAPICommand.execute(appContext, ProviderAPI.DOWNLOAD_SERVICE_JSON, parameters, provider);
}
if (shouldCheckAppUpdate()) {
- DownloadServiceCommand.execute(appContext, CHECK_VERSION_FILE);
+ Bundle parameters = new Bundle();
+ parameters.putLong(DELAY, 500);
+ DownloadServiceCommand.execute(appContext, CHECK_VERSION_FILE, parameters);
+ }
+
+ if (provider.shouldUpdateVpnCertificate()) {
+ Bundle parameters = new Bundle();
+ parameters.putLong(DELAY, 500);
+ ProviderAPICommand.execute(appContext, QUIETLY_UPDATE_VPN_CERTIFICATE, parameters, provider);
}
finishGatewaySetup(false);
} else if ("TCP_CONNECT".equals(state)) {
diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java
index 16d1c5ad..8841ae94 100644
--- a/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java
+++ b/app/src/main/java/se/leap/bitmaskclient/eip/VpnCertificateValidator.java
@@ -45,9 +45,22 @@ public class VpnCertificateValidator {
/**
*
- * @return true if all certificates are valid for more than 15 more days
+ * @return true if all certificates are valid for 1 more day
*/
public boolean isValid() {
+ return isValid(1);
+ }
+
+ /**
+ *
+ * @return return true if certificates will expire in 8 days or less
+ */
+ public boolean shouldBeUpdated() {
+ return !isValid(8);
+ }
+
+
+ private boolean isValid(int offsetDays) {
if (certificate.isEmpty()) {
return false;
}
@@ -57,7 +70,7 @@ public class VpnCertificateValidator {
return false;
}
for (X509Certificate cert : x509Certificates) {
- if (!isValid(cert)) {
+ if (!isValid(cert, offsetDays)) {
return false;
}
}
@@ -65,12 +78,12 @@ public class VpnCertificateValidator {
}
- private boolean isValid(X509Certificate certificate) {
+ private boolean isValid(X509Certificate certificate, int offsetDays) {
if (certificate == null) {
return false;
}
- Calendar offsetDate = calculateOffsetCertificateValidity(certificate);
+ Calendar offsetDate = calculateOffsetCertificateValidity(certificate, offsetDays);
try {
certificate.checkValidity(offsetDate.getTime());
return true;
@@ -81,15 +94,15 @@ public class VpnCertificateValidator {
}
}
- private Calendar calculateOffsetCertificateValidity(X509Certificate certificate) {
+ private Calendar calculateOffsetCertificateValidity(X509Certificate certificate, int offsetDays) {
Calendar limitDate = calendarProvider.getCalendar();
Date startDate = certificate.getNotBefore();
// if certificates start date is before current date just return the current date without an offset
if (startDate.getTime() >= limitDate.getTime().getTime()) {
return limitDate;
}
- // else add an offset of 15 days to the current date
- limitDate.add(Calendar.DAY_OF_YEAR, 15);
+ // else add an offset to the current date
+ limitDate.add(Calendar.DAY_OF_YEAR, offsetDays);
return limitDate;
}
diff --git a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderAPI.java b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderAPI.java
index da77af2f..e45add50 100644
--- a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderAPI.java
+++ b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderAPI.java
@@ -63,9 +63,15 @@ public class ProviderAPI extends JobIntentService implements ProviderApiManagerB
SIGN_UP = "srpRegister",
LOG_IN = "srpAuth",
LOG_OUT = "logOut",
+ // all vpn certificate download commands are used in different scenarios with different error handling
+ // command key used for the initial vpn certificate download during the provider setup
DOWNLOAD_VPN_CERTIFICATE = "downloadUserAuthedVPNCertificate",
+ // command key used to update soon expiring but yet valid certificates after connecting to the vpn
+ QUIETLY_UPDATE_VPN_CERTIFICATE = "ProviderAPI.QUIETLY_UPDATE_VPN_CERTIFICATE",
+ // command key used to update invalid certificates, connecting to the vpn is impossible
UPDATE_INVALID_VPN_CERTIFICATE = "ProviderAPI.UPDATE_INVALID_VPN_CERTIFICATE",
PARAMETERS = "parameters",
+ DELAY = "delay",
RECEIVER_KEY = "receiver",
ERRORS = "errors",
ERRORID = "errorId",
@@ -97,7 +103,6 @@ public class ProviderAPI extends JobIntentService implements ProviderApiManagerB
TOR_EXCEPTION = 21;
ProviderApiManager providerApiManager;
- private volatile TorServiceConnection torServiceConnection;
//TODO: refactor me, please!
//used in insecure flavor only
@@ -156,7 +161,7 @@ public class ProviderAPI extends JobIntentService implements ProviderApiManagerB
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.Q) {
NetworkInfo activeNetwork = cm.getActiveNetworkInfo();
return activeNetwork != null &&
- activeNetwork.isConnectedOrConnecting();
+ activeNetwork.isConnected();
} else {
NetworkCapabilities capabilities = cm.getNetworkCapabilities(cm.getActiveNetwork());
if (capabilities != null) {
diff --git a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java
index ecddb9c7..607339fd 100644
--- a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java
+++ b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java
@@ -52,6 +52,7 @@ import static se.leap.bitmaskclient.providersetup.ProviderAPI.CORRECTLY_DOWNLOAD
import static se.leap.bitmaskclient.providersetup.ProviderAPI.CORRECTLY_DOWNLOADED_GEOIP_JSON;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.CORRECTLY_DOWNLOADED_VPN_CERTIFICATE;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.CORRECTLY_UPDATED_INVALID_VPN_CERTIFICATE;
+import static se.leap.bitmaskclient.providersetup.ProviderAPI.DELAY;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.DOWNLOAD_GEOIP_JSON;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.DOWNLOAD_SERVICE_JSON;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.DOWNLOAD_VPN_CERTIFICATE;
@@ -71,6 +72,7 @@ import static se.leap.bitmaskclient.providersetup.ProviderAPI.MISSING_NETWORK_CO
import static se.leap.bitmaskclient.providersetup.ProviderAPI.PARAMETERS;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.PROVIDER_NOK;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.PROVIDER_OK;
+import static se.leap.bitmaskclient.providersetup.ProviderAPI.QUIETLY_UPDATE_VPN_CERTIFICATE;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.RECEIVER_KEY;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.SET_UP_PROVIDER;
import static se.leap.bitmaskclient.providersetup.ProviderAPI.SIGN_UP;
@@ -193,6 +195,14 @@ public abstract class ProviderApiManagerBase {
return;
}
+ if (parameters.containsKey(DELAY)) {
+ try {
+ Thread.sleep(parameters.getLong(DELAY));
+ } catch (InterruptedException e) {
+ e.printStackTrace();
+ }
+ }
+
if (!serviceCallback.hasNetworkConnection()) {
Bundle result = new Bundle();
setErrorResult(result, R.string.error_network_connection, null);
@@ -277,6 +287,17 @@ public abstract class ProviderApiManagerBase {
}
ProviderObservable.getInstance().setProviderForDns(null);
break;
+ case QUIETLY_UPDATE_VPN_CERTIFICATE:
+ ProviderObservable.getInstance().setProviderForDns(provider);
+ result = updateVpnCertificate(provider);
+ if (result.getBoolean(BROADCAST_RESULT_KEY)) {
+ Log.d(TAG, "successfully downloaded VPN certificate");
+ provider.setShouldUpdateVpnCertificate(false);
+ PreferenceHelper.storeProviderInPreferences(preferences, provider);
+ ProviderObservable.getInstance().updateProvider(provider);
+ }
+ ProviderObservable.getInstance().setProviderForDns(null);
+ break;
case UPDATE_INVALID_VPN_CERTIFICATE:
ProviderObservable.getInstance().setProviderForDns(provider);
result = updateVpnCertificate(provider);
diff --git a/app/src/notFatweb/java/se/leap/bitmaskclient/appUpdate/DownloadServiceCommand.java b/app/src/notFatweb/java/se/leap/bitmaskclient/appUpdate/DownloadServiceCommand.java
index 157f04fe..02a830ca 100644
--- a/app/src/notFatweb/java/se/leap/bitmaskclient/appUpdate/DownloadServiceCommand.java
+++ b/app/src/notFatweb/java/se/leap/bitmaskclient/appUpdate/DownloadServiceCommand.java
@@ -1,6 +1,10 @@
package se.leap.bitmaskclient.appUpdate;
import android.content.Context;
+import android.os.Bundle;
+
+import androidx.annotation.NonNull;
+import androidx.annotation.Nullable;
/**
* DownloadServiceCommand is only implemented in Fatweb builds
@@ -16,4 +20,8 @@ public class DownloadServiceCommand {
public static void execute(Context context, String action) {
// DO NOTHING.
}
+
+ public static void execute(@NonNull Context context, @NonNull String action, @Nullable Bundle parameters) {
+ // DO NOTHING.
+ }
}
diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java
index cb1e1f73..2b1615da 100644
--- a/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java
+++ b/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java
@@ -186,6 +186,7 @@ public class ProviderApiManagerTest {
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult));
providerApiCommand.putExtra(PROVIDER_KEY, provider);
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiManager.handleIntent(providerApiCommand);
}
@@ -207,6 +208,7 @@ public class ProviderApiManagerTest {
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_OK, expectedResult));
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiManager.handleIntent(providerApiCommand);
}
@@ -228,6 +230,7 @@ public class ProviderApiManagerTest {
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_OK, expectedResult));
providerApiCommand.putExtra(PROVIDER_KEY, provider);
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiManager.handleIntent(providerApiCommand);
}
@@ -249,7 +252,7 @@ public class ProviderApiManagerTest {
Intent providerApiCommand = mockIntent();
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_OK, expectedResult));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiManager.handleIntent(providerApiCommand);
@@ -270,6 +273,7 @@ public class ProviderApiManagerTest {
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult));
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiCommand.putExtra(PROVIDER_KEY, provider);
@@ -292,6 +296,7 @@ public class ProviderApiManagerTest {
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult));
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiCommand.putExtra(PROVIDER_KEY, provider);
@@ -318,7 +323,7 @@ public class ProviderApiManagerTest {
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiManager.handleIntent(providerApiCommand);
@@ -341,7 +346,7 @@ public class ProviderApiManagerTest {
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiManager.handleIntent(providerApiCommand);
@@ -365,7 +370,7 @@ public class ProviderApiManagerTest {
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiManager.handleIntent(providerApiCommand);
@@ -388,6 +393,7 @@ public class ProviderApiManagerTest {
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult));
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiCommand.putExtra(PROVIDER_KEY, provider);
@@ -413,6 +419,7 @@ public class ProviderApiManagerTest {
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult));
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiCommand.putExtra(PROVIDER_KEY, provider);
@@ -433,12 +440,12 @@ public class ProviderApiManagerTest {
expectedResult.putString(ERRORS, "{\"errors\":\"There was an error configuring Bitmask with your chosen provider.\"}");
expectedResult.putParcelable(PROVIDER_KEY, provider);
-
Intent providerApiCommand = mockIntent();
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult));
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiManager.handleIntent(providerApiCommand);
}
@@ -461,12 +468,12 @@ public class ProviderApiManagerTest {
expectedResult.putString(ERRORS, "{\"errors\":\"There was an error configuring RiseupVPN.\"}");
expectedResult.putParcelable(PROVIDER_KEY, provider);
-
Intent providerApiCommand = mockIntent();
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult));
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiManager.handleIntent(providerApiCommand);
}
@@ -484,12 +491,12 @@ public class ProviderApiManagerTest {
expectedResult.putBoolean(BROADCAST_RESULT_KEY, true);
expectedResult.putParcelable(PROVIDER_KEY, provider);
-
Intent providerApiCommand = mockIntent();
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_OK, expectedResult));
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiManager.handleIntent(providerApiCommand);
}
@@ -510,12 +517,12 @@ public class ProviderApiManagerTest {
expectedResult.putBoolean(BROADCAST_RESULT_KEY, false);
expectedResult.putParcelable(PROVIDER_KEY, provider);
expectedResult.putString(ERRORS, "This is not a trusted Bitmask provider.");
-
Intent providerApiCommand = mockIntent();
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult));
providerApiCommand.putExtra(PROVIDER_KEY, provider);
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiManager.handleIntent(providerApiCommand);
}
@@ -685,12 +692,12 @@ public class ProviderApiManagerTest {
expectedResult.putBoolean(BROADCAST_RESULT_KEY, true);
expectedResult.putParcelable(PROVIDER_KEY, provider);
-
Intent providerApiCommand = mockIntent();
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_OK, expectedResult));
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiManager.handleIntent(providerApiCommand);
}
@@ -707,7 +714,7 @@ public class ProviderApiManagerTest {
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_OK));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
mockTorStatusObservable(null);
providerApiManager.handleIntent(providerApiCommand);
@@ -727,7 +734,7 @@ public class ProviderApiManagerTest {
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
mockTorStatusObservable(null);
providerApiManager.handleIntent(providerApiCommand);
@@ -746,7 +753,7 @@ public class ProviderApiManagerTest {
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
mockTorStatusObservable(new TimeoutException("Tor took too long to start."));
providerApiManager.handleIntent(providerApiCommand);
@@ -767,7 +774,7 @@ public class ProviderApiManagerTest {
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_OK));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
mockTorStatusObservable(null);
providerApiManager.handleIntent(providerApiCommand);
@@ -788,7 +795,7 @@ public class ProviderApiManagerTest {
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_OK));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
mockTorStatusObservable(new TimeoutException("This timeout exception is never thrown"));
providerApiManager.handleIntent(providerApiCommand);
@@ -809,7 +816,7 @@ public class ProviderApiManagerTest {
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.UPDATE_INVALID_VPN_CERTIFICATE);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(CORRECTLY_UPDATED_INVALID_VPN_CERTIFICATE));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
mockTorStatusObservable(null);
providerApiManager.handleIntent(providerApiCommand);
@@ -831,7 +838,7 @@ public class ProviderApiManagerTest {
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.UPDATE_INVALID_VPN_CERTIFICATE);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(INCORRECTLY_UPDATED_INVALID_VPN_CERTIFICATE));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
mockTorStatusObservable(new TimeoutException("This timeout exception is never thrown"));
providerApiManager.handleIntent(providerApiCommand);
@@ -853,7 +860,7 @@ public class ProviderApiManagerTest {
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.UPDATE_INVALID_VPN_CERTIFICATE);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(CORRECTLY_UPDATED_INVALID_VPN_CERTIFICATE));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
mockTorStatusObservable(null);
providerApiManager.handleIntent(providerApiCommand);
@@ -880,7 +887,7 @@ public class ProviderApiManagerTest {
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.UPDATE_INVALID_VPN_CERTIFICATE);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(TOR_EXCEPTION, expectedResult));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
mockTorStatusObservable(new InterruptedException("Tor thread was interrupted."));
providerApiManager.handleIntent(providerApiCommand);
@@ -903,7 +910,7 @@ public class ProviderApiManagerTest {
providerApiCommand.putExtra(PROVIDER_KEY, provider);
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(TOR_TIMEOUT, expectedResult));
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
mockTorStatusObservable(new TimeoutException("Tor took too long to start."));
providerApiManager.handleIntent(providerApiCommand);
@@ -928,7 +935,7 @@ public class ProviderApiManagerTest {
providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(MISSING_NETWORK_CONNECTION, expectedResult));
providerApiCommand.putExtra(PROVIDER_KEY, provider);
-
+ providerApiCommand.putExtra(PARAMETERS, mockBundle());
providerApiManager.handleIntent(providerApiCommand);
}
diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/VpnCertificateValidatorTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/VpnCertificateValidatorTest.java
index 32c0d0e4..1cb47f43 100644
--- a/app/src/test/java/se/leap/bitmaskclient/eip/VpnCertificateValidatorTest.java
+++ b/app/src/test/java/se/leap/bitmaskclient/eip/VpnCertificateValidatorTest.java
@@ -38,9 +38,9 @@ public class VpnCertificateValidatorTest {
}
@Test
- public void test_isValid_lessThan15days_returnFalse() throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
+ public void test_isValid_lessThan1day_returnFalse() throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
String cert = getInputAsString(getClass().getClassLoader().getResourceAsStream("riseup.net.pem"));
- Calendar c = new Calendar.Builder().setDate(2024, 4, 14).setCalendarType("gregorian").build();
+ Calendar c = new Calendar.Builder().setDate(2024, 3, 28).setCalendarType("gregorian").build();
mockConfigHelper("falseFingerPrint");
VpnCertificateValidator validator = new VpnCertificateValidator(cert);
validator.setCalendarProvider(new TestCalendarProvider(c.getTimeInMillis()));
@@ -50,7 +50,7 @@ public class VpnCertificateValidatorTest {
@Test
public void test_isValid_multipleCerts_failIfOneExpires() throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
String cert = getInputAsString(getClass().getClassLoader().getResourceAsStream("float.hexacab.org.pem"));
- Calendar c = new Calendar.Builder().setDate(2024, 4, 14).setCalendarType("gregorian").build();
+ Calendar c = new Calendar.Builder().setDate(2024, 3, 28).setCalendarType("gregorian").build();
mockConfigHelper("falseFingerPrint");
VpnCertificateValidator validator = new VpnCertificateValidator(cert);
validator.setCalendarProvider(new TestCalendarProvider(c.getTimeInMillis()));
@@ -60,10 +60,30 @@ public class VpnCertificateValidatorTest {
@Test
public void test_isValid_multipleCerts_allValid() throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
String cert = getInputAsString(getClass().getClassLoader().getResourceAsStream("float.hexacab.org.pem"));
- Calendar c = new Calendar.Builder().setDate(2024, 4, 13).setCalendarType("gregorian").build();
+ Calendar c = new Calendar.Builder().setDate(2024, 3, 27).setCalendarType("gregorian").build();
mockConfigHelper("falseFingerPrint");
VpnCertificateValidator validator = new VpnCertificateValidator(cert);
validator.setCalendarProvider(new TestCalendarProvider(c.getTimeInMillis()));
- assertFalse(validator.isValid());
+ assertTrue(validator.isValid());
+ }
+
+ @Test
+ public void test_shouldBeUpdated_lessThan8days_returnTrue() throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
+ String cert = getInputAsString(getClass().getClassLoader().getResourceAsStream("float.hexacab.org.pem"));
+ Calendar c = new Calendar.Builder().setDate(2024, 3, 21).setCalendarType("gregorian").build();
+ mockConfigHelper("falseFingerPrint");
+ VpnCertificateValidator validator = new VpnCertificateValidator(cert);
+ validator.setCalendarProvider(new TestCalendarProvider(c.getTimeInMillis()));
+ assertTrue(validator.shouldBeUpdated());
+ }
+
+ @Test
+ public void test_shouldBeUpdated_moreThan8days_returnFalse() throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
+ String cert = getInputAsString(getClass().getClassLoader().getResourceAsStream("float.hexacab.org.pem"));
+ Calendar c = new Calendar.Builder().setDate(2024, 3, 20).setCalendarType("gregorian").build();
+ mockConfigHelper("falseFingerPrint");
+ VpnCertificateValidator validator = new VpnCertificateValidator(cert);
+ validator.setCalendarProvider(new TestCalendarProvider(c.getTimeInMillis()));
+ assertFalse(validator.shouldBeUpdated());
}
} \ No newline at end of file
diff --git a/app/src/test/resources/v4/riseup.net.cert b/app/src/test/resources/v4/riseup.net.cert
index b689c033..86bc0b55 100644
--- a/app/src/test/resources/v4/riseup.net.cert
+++ b/app/src/test/resources/v4/riseup.net.cert
@@ -1,54 +1,54 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAvXvOGBJeNZfzvkLgEbunA29j/zrxGtDxQwHQ2oAElpQyZfzF
-smHza6Q4o1audAH/hrLF4Z3I3jRbGsuh81pq7GCMsaL1/C2xWlOOHH6+zljdLHvr
-/COwVOuKIUR19yIIozcBaCp3mvDCMAH+cF0uLPw/cfs4Le0gaptN3n3f5jFnFxEs
-3fDXnAgUP7QPvxm5Wl5MM2HBNKcwPNLA29VrgRtJ6OJWtK3raB1S1D3Iv9OMAYtA
-5dCpRMYbV0gBcxc0YRsmlLy8s3ZKdKF3aqiZfN4R/dLzqmysIAVSgfvp8vZpRZDz
-uStE+fiTH4MEFpUTQ6bwbjV9hh6+M5UO1aPYUwIDAQABAoIBAGPgDhHCHMZDAccX
-mOO/9Zhp7ltpxgxMdd7L5jpFoCV+l9IKGmqcFqJ2PSRbXDjplLZ7JLJ3aJk3H45Q
-J10OG63cdkxriR0TOJhT0mRSqmA5ltsLtqeAaEFapcRDQaqx1buyEpvFRqX0oWaM
-poCznNM5YnfB4yrSAnQuyCyuTIYYO5n4baOWR97vbpfwPtznyt2vsVhsP6hj2+4u
-Jv4cgDtvap/yXpCcQdfoAKavDRKDd9Ig+6ZirfNZv8nMShQqQj3WWzDY9FxWb2kG
-BjKRURS5CD/4FRTY4CIQ9sGvhTvcY7WxgQ6uESuM2YBTEFygEtB9tyIMdPDTz9qg
-43eqA4ECgYEA6YbVqnZPxGK2TTqJw0yV/UPDhXy0gViOX+eMwQpfQySd1wqBabeh
-hS0ntMMcgZHNQ9IsBZDSkfVFA51+x97kQeoF5kvM3PYLBBvP6NBBaR/rlofkz/4z
-4CIEFoFMUFplF4tyJOm+QQx7A8njG8oIJ0MI8zEjglJk4//yHF8AfU8CgYEAz7fs
-uGKevL7Ha6n9qiQ08cLunWPP0CEUobf4afgXMVBl7R9hDiq80YImK0wuh8prOt0E
-TWtL9i8ToEvHaubuXT1kgoOZoeyIAEYpi1aF/a/+AZ562Ts8jeWwa6ZJVqLfG0lR
-gdrQvJgDgqsF4B6oynEjrvtanW48g+ROLmXwG70CgYBAF7yey1f7O2hza8SRsHxe
-BXItOdvEwExbMA7mkHUy1WLouT5piHexOIJ0TzSMrzqaCZ4BbQ0N+DYX1usL6jXV
-jWhPG7C/WFwPpZ57dGTveE5Ng0CegVM1icB7eMM8LoMeYixSy0BnVAiTMp69asaw
-F+rl7C+lvf1owj9t3/kfawKBgQCxvqFB5qIOwPHEn2IBBZqIhlXJOG/LmYMeH17i
-zviJqlKN5hwXE1sfrE8dHcNzTzMS262i0f3eW8pfkHjEcXfnMXGgfRwqA00dbux9
-3zwpKUAiAor8+EOI6NNeSpzXFef0YXjttWCJAUt/tPkCHzowgUAXq96OeJYwBl0g
-NvqPwQKBgDpV8An1JZAjcUNc9IP6GvubYpsTwyEjSHYteEdBtahLrh0G4gjLNgg7
-PvhHxni5UvjeRiNPwb3cWVYL7v7YVTRyDvRmZ7FrLWJ0q3P0S8Ww4ar+ZWw8sQhQ
-zaoY20NYypde+K9RRamnUw6GvoS+o7pF0c+hXaup/jGAwszcLJr3
+MIIEpAIBAAKCAQEAwtqqSbTsB/JchPr41KdSyTWfG+qBxRfbqYw5hx8VxzuVNPn4
+nEmKm4KbtEhZLT3Kk0yJa+9X3UBVkeTrI6IZQmsK1s1lq9YTcwjsryza//xtw6gM
+7Wd8X8FaMnaYPBBRpaWWi//RsrLmztm0kSU1pJbgSL1VJsngGImWPcnAPvhPS4IG
+6XD/4DLyog7Hyg0yuZyBf6DzvQUMFh/B9Sm+ogY8nG+vEaoN/RaKn25M+uC6NC2v
+X+9wcqLyQeh0JsIA23foyyWlA2sW2+ad4VWfI3DpXwYCnCuJZlD3JZoLP8OoQacl
+PsBIll+n6KeVcE7H7af2CkNinFa+0CgMYtvpgQIDAQABAoIBAQC5ufkkRinQLUfY
+jOuOrmovVUfyMOU+es4qXnka/RsiCv3eQAGi3koajjRhc7BkeghTvFkkIz9pqX+m
+jz89eK2A7Eypj5/AWU2ykSgglK2t3+qz2sNvqfsXvlF91iKm5ZsdO6cyjEVRgkqT
+kVkWHBR0bEcdrjGyxisu2D33aQ0wNo1ENoJYJEe+F+fcm3IhVsSCMWEoYeX+RXXq
+scwGgwNSn3V4fEqQA7Hs77ri+gjbuIf6KZ3DPcQTpJ4ST6UcJkyXowLLYFmPgVJt
+XOqJ5sjDUNLgX2F6LJj8r0C2V0UmRoed/ZONmB2AVr/e/BmGB4zLVOFv4NLK52CP
+m3B4SrPNAoGBAPEJcfFPAOAHIW51xz2l61W4d4rqvu54IuHYMGWRJjtNx/zqIxwE
+I4hTHz9jz++JZaJH9anOliosIqzmieds57JX0MBEOIVG8wb0BgxziIO8E5hdfptr
+DWtfmnFnCiz2qEb38UU8GiifiwCrU6NkEniAaoCVkMMx+B0cycLfeeUHAoGBAM7z
+SOUbZooN7ZAz/KFe05wHOwngb7ikEuENXFLziyaOa+0zXyv0PitWese0GdGbU1nH
+Alkw/qA8kozGobmfSWrLxBCjJDtz4wuDilwI4OT0hO6+VZlF89C84BjAVA/RXjzo
+CcIUrIvZv8OaopESicuC67KB1ujB4p+XFTEmlmM3AoGABSNTZ3ZsqVndj5I5JgpE
+YvZkrfRlD4ZGEBRgq7mVXAxDaBPBndZEv6It91b0VsHSBcyM4wrBTrLUJmVfqSw8
+ICQZEhAiOE0T3yESg+9uiIhYzpWnnj6A8bn++83bfKvhWGnunbAzSoxkFSaRyNjY
+P/NU0dreVBrblBtJ/bpvyb8CgYBOX13kvdq4P4wPB1EN/65dsXNPSzqkDybDKd8j
+3u18nYUL4F+Tcry0htyakn8QnSUUo8Qk6OQU5LuPKo4GkOcp1Z8budy30yxRqPAV
+6Jrauis5isU59X7fNxga54MuNljc8fb4FAJAOCdiOUaFcCLU+nCuOnOb1Akx7PJu
+mbFsQwKBgQCfOLsXqDHMRTnyRCwGOx9aIbYt0qW5ZE08f8vbqKMz2KeX9uN7G/7s
+NO36Zakppn9IS9nQVPmBDQhQ+8VQYqX7VaB1ug7d1OhuP+dbvXGBq4nN9f2iqy6Z
+G5PyYZpI8Qo+Cr04TkXacz9Lc4NFOxyqw/Ln1tuOLYAZY8dSaTHOsg==
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
-MIIEmzCCAoOgAwIBAgIQfhZuQF/HQWNj4bY/2E0R1zANBgkqhkiG9w0BAQsFADB1
+MIIEmzCCAoOgAwIBAgIQdYL065go8MY1TA6uhbuzrzANBgkqhkiG9w0BAQsFADB1
MRgwFgYDVQQKDA9SaXNldXAgTmV0d29ya3MxGzAZBgNVBAsMEmh0dHBzOi8vcmlz
ZXVwLm5ldDE8MDoGA1UEAwwzUmlzZXVwIE5ldHdvcmtzIFJvb3QgQ0EgKGNsaWVu
-dCBjZXJ0aWZpY2F0ZXMgb25seSEpMB4XDTIyMDQxNzAwMDAwMFoXDTIyMDcxNzAw
-MDAwMFowLTErMCkGA1UEAwwiVU5MSU1JVEVEN2ZsNjdmcmZ6NnF3aWs2eG95emht
-bzV2eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL17zhgSXjWX875C
-4BG7pwNvY/868RrQ8UMB0NqABJaUMmX8xbJh82ukOKNWrnQB/4ayxeGdyN40WxrL
-ofNaauxgjLGi9fwtsVpTjhx+vs5Y3Sx76/wjsFTriiFEdfciCKM3AWgqd5rwwjAB
-/nBdLiz8P3H7OC3tIGqbTd593+YxZxcRLN3w15wIFD+0D78ZuVpeTDNhwTSnMDzS
-wNvVa4EbSejiVrSt62gdUtQ9yL/TjAGLQOXQqUTGG1dIAXMXNGEbJpS8vLN2SnSh
-d2qomXzeEf3S86psrCAFUoH76fL2aUWQ87krRPn4kx+DBBaVE0Om8G41fYYevjOV
-DtWj2FMCAwEAAaNvMG0wHQYDVR0OBBYEFASbEXiXvCseE07xGzDXVzZqRWYkMAsG
+dCBjZXJ0aWZpY2F0ZXMgb25seSEpMB4XDTIyMDYxODAwMDAwMFoXDTIyMDkxODAw
+MDAwMFowLTErMCkGA1UEAwwiVU5MSU1JVEVENnZteWZ1MHpsdmlucmprdTN3Y2hp
+OTZsbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMLaqkm07AfyXIT6
++NSnUsk1nxvqgcUX26mMOYcfFcc7lTT5+JxJipuCm7RIWS09ypNMiWvvV91AVZHk
+6yOiGUJrCtbNZavWE3MI7K8s2v/8bcOoDO1nfF/BWjJ2mDwQUaWllov/0bKy5s7Z
+tJElNaSW4Ei9VSbJ4BiJlj3JwD74T0uCBulw/+Ay8qIOx8oNMrmcgX+g870FDBYf
+wfUpvqIGPJxvrxGqDf0Wip9uTPrgujQtr1/vcHKi8kHodCbCANt36MslpQNrFtvm
+neFVnyNw6V8GApwriWZQ9yWaCz/DqEGnJT7ASJZfp+inlXBOx+2n9gpDYpxWvtAo
+DGLb6YECAwEAAaNvMG0wHQYDVR0OBBYEFGy9LFCeTCtyoVbQYY18zgpX0N98MAsG
A1UdDwQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAjAJBgNVHRMEAjAAMB8GA1Ud
-IwQYMBaAFBf0G9XlKgEBTWuiXTYKKQmWZYBGMA0GCSqGSIb3DQEBCwUAA4ICAQA6
-P4z8srFEo/LhaAdOTHjvi4t8OVR7WuD6Tit68UabZpbFwPmXVbzYATKmNepYjXqR
-TDW416M7QWja5nyFSXaLzk95osE1IxqcqgZ5vKHLPFE5J8eBtkVoFN6+9F6olx6s
-8UYbewU1Cm2rN2Y1xXNxAFz9wNqLjGdhuExdfxE+4/Y2uh40yC2rhiJLiSrsdfCU
-QsBQJy7Z76dAtbp2087aqikHmiqm/lkIKXE3jNgb8JCT3oJutedBA/CknDyM/7N/
-x83mS5Iu6vRQIBFN6wfsxxUWOh9oSnivcWBF5IO7a71nuiEEaZpG1tSsQTYk9ENW
-Sx5cP4NnF7uZyMhYASWpVRBsx0gz6cmGWTIO8v9CX4D8HMK7uKeJkMenmwiwnhkI
-+H+9U8sHCX0UGUZqiJshM7ySf7lhHI+UgrE2qCR0GFoRfP9Yz6tsJ0bNKBUkl6UH
-BmXtH1Z7QVSfbkheNA3LNaFB2Gz20+s1kF6N0VGE1DQCsgM2gkciEhYAz13OBT70
-j6PPargWi51B/hsg9b3LE44dk052/vVnklnJ+rjdgrrmwIlN4xyEbc851knLOqxn
-7Xjnl1Qx4sJkm06E+AuKy0OXy2f/mIOiTmA0jlXtYPSV6rYxtUzJeOlqwsu3ImNg
-x3DRSmjZfW1BOCSqLvlJyKeFKxwJlWFGsKk7uBonwA==
+IwQYMBaAFBf0G9XlKgEBTWuiXTYKKQmWZYBGMA0GCSqGSIb3DQEBCwUAA4ICAQBy
+MezxBB08bn5L5ye3pTOvENyM0DLGdoy1N+oEHhjMW/QmxPuXzKviyxNEtFCbyZeT
+n+uQPY3zwhj4vF5PZoUXI22USISMo+bPHHo4dTfXfzln7CuPuXnUR1bFKSFGU7+B
+6TZb5qmFkWfCiZ8KE1ogKXLX2mwmnIKVpPiu07pp6msR+pxfQHBBbrzafLs5PSa8
+kTxW900eozF4KJYwcryu6A/tdkTrQqsji/NrwqJRnFqzzDV0x7iFpnp0J9xRi1oa
+nkETZXMSHkDkqL3RdTwg11RX+bnYS/GK+//z3G17iwB/rGIi9O2qN6uMhX/ZFwom
+AAqbSAzOnSU2ERaSuc7a0t9c9cNnusbYiDaNISAi7bOGs5tCbLRBwSznvIo9Dfx8
+aRnDucYp+I6Vl7xW2mM155/44laemiWn4SPRbvBgZgBWObptnuIqu9Nipwp69z/Q
+x/BBcnNu+PbdkuC9zO+OtwosK3WVkL+QiKWbT4fxXNqJV90NM1R+CteDWvixs+Bn
+xVGCH4c6+svnBmyRhDYID7ZmoeE/gnPkceh63igZ6V+w0UAnGtT9cfLK9cLawfZO
+GnO7P8YTawjRoVz9FmhUnirghq8xk0MCdGHWzT+FqGS+l270F+bbD4eUD2nQhV4J
+QJ0J3BGyzELKzFtIBIpnzPVDJDSIQkPTT/yP7gAEPg==
-----END CERTIFICATE----- \ No newline at end of file