summaryrefslogtreecommitdiff
path: root/src/se/leap/leapclient/ConfigHelper.java
diff options
context:
space:
mode:
authorParménides GV <parmegv@sdf.org>2013-03-14 19:53:31 +0100
committerParménides GV <parmegv@sdf.org>2013-03-14 19:53:31 +0100
commit203c8caca5a305b90fd0e69c965e503afe979354 (patch)
tree843956654a949dc64b7e4f758847820b432f0454 /src/se/leap/leapclient/ConfigHelper.java
parent929fa9a3b7621e0a956ed8d7beffb87ed7f16249 (diff)
After downloading provider.json successfully, ConfigurationWizard now
can download eip-service.json and ca.crt without having the latter as a predefined trusted certificate. It does not ask anything about trusting the new certificate as far as selecting a custom provider means that the user trusts that url. Next step: make provider.json also downloadable from https address using ca.cert not trusted.
Diffstat (limited to 'src/se/leap/leapclient/ConfigHelper.java')
-rw-r--r--src/se/leap/leapclient/ConfigHelper.java70
1 files changed, 70 insertions, 0 deletions
diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java
index f5800a0e..b6526691 100644
--- a/src/se/leap/leapclient/ConfigHelper.java
+++ b/src/se/leap/leapclient/ConfigHelper.java
@@ -8,6 +8,12 @@ import java.io.FileNotFoundException;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
import org.json.JSONException;
import org.json.JSONObject;
@@ -19,6 +25,7 @@ import android.util.Log;
public class ConfigHelper {
public static SharedPreferences shared_preferences;
+ private static KeyStore keystore_trusted;
final static String downloadJsonFilesBundleExtra = "downloadJSONFiles";
final static String downloadNewProviderDotJSON = "downloadNewProviderDotJSON";
@@ -90,4 +97,67 @@ public class ConfigHelper {
SharedPreferences shared_preferences) {
ConfigHelper.shared_preferences = shared_preferences;
}
+
+ public static void addTrustedCertificate(String provider, InputStream inputStream) {
+ CertificateFactory cf;
+ try {
+ cf = CertificateFactory.getInstance("X.509");
+ X509Certificate cert =
+ (X509Certificate)cf.generateCertificate(inputStream);
+ keystore_trusted.setCertificateEntry("provider", cert);
+ } catch (CertificateException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (KeyStoreException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ public static void addTrustedCertificate(String provider, String certificate) {
+ String filename_to_save = provider + "_certificate.cer";
+ saveFile(filename_to_save, certificate);
+ CertificateFactory cf;
+ try {
+ cf = CertificateFactory.getInstance("X.509");
+ X509Certificate cert =
+ (X509Certificate)cf.generateCertificate(openFileInputStream(filename_to_save));
+ keystore_trusted.setCertificateEntry("provider", cert);
+ } catch (CertificateException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (KeyStoreException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ public static KeyStore getKeystore() {
+ return keystore_trusted;
+ }
+
+ public static void getNewKeystore(InputStream leap_keystore) {
+ try {
+ keystore_trusted = KeyStore.getInstance("BKS");
+ try {
+ // Initialize the keystore with the provided trusted certificates
+ // Also provide the password of the keystore
+ keystore_trusted.load(leap_keystore, "uer92jf".toCharArray());
+ } finally {
+ leap_keystore.close();
+ }
+ } catch (KeyStoreException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (NoSuchAlgorithmException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (CertificateException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
}