diff options
author | Parménides GV <parmegv@sdf.org> | 2013-03-14 19:53:31 +0100 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2013-03-14 19:53:31 +0100 |
commit | 203c8caca5a305b90fd0e69c965e503afe979354 (patch) | |
tree | 843956654a949dc64b7e4f758847820b432f0454 /src/se/leap/leapclient/ConfigHelper.java | |
parent | 929fa9a3b7621e0a956ed8d7beffb87ed7f16249 (diff) |
After downloading provider.json successfully, ConfigurationWizard now
can download eip-service.json and ca.crt without having the latter as a
predefined trusted certificate. It does not ask anything about trusting
the new certificate as far as selecting a custom provider means that the
user trusts that url.
Next step: make provider.json also downloadable from https address using
ca.cert not trusted.
Diffstat (limited to 'src/se/leap/leapclient/ConfigHelper.java')
-rw-r--r-- | src/se/leap/leapclient/ConfigHelper.java | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index f5800a0e..b6526691 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -8,6 +8,12 @@ import java.io.FileNotFoundException; import java.io.FileWriter; import java.io.IOException; import java.io.InputStream; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; import org.json.JSONException; import org.json.JSONObject; @@ -19,6 +25,7 @@ import android.util.Log; public class ConfigHelper { public static SharedPreferences shared_preferences; + private static KeyStore keystore_trusted; final static String downloadJsonFilesBundleExtra = "downloadJSONFiles"; final static String downloadNewProviderDotJSON = "downloadNewProviderDotJSON"; @@ -90,4 +97,67 @@ public class ConfigHelper { SharedPreferences shared_preferences) { ConfigHelper.shared_preferences = shared_preferences; } + + public static void addTrustedCertificate(String provider, InputStream inputStream) { + CertificateFactory cf; + try { + cf = CertificateFactory.getInstance("X.509"); + X509Certificate cert = + (X509Certificate)cf.generateCertificate(inputStream); + keystore_trusted.setCertificateEntry("provider", cert); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + public static void addTrustedCertificate(String provider, String certificate) { + String filename_to_save = provider + "_certificate.cer"; + saveFile(filename_to_save, certificate); + CertificateFactory cf; + try { + cf = CertificateFactory.getInstance("X.509"); + X509Certificate cert = + (X509Certificate)cf.generateCertificate(openFileInputStream(filename_to_save)); + keystore_trusted.setCertificateEntry("provider", cert); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + public static KeyStore getKeystore() { + return keystore_trusted; + } + + public static void getNewKeystore(InputStream leap_keystore) { + try { + keystore_trusted = KeyStore.getInstance("BKS"); + try { + // Initialize the keystore with the provided trusted certificates + // Also provide the password of the keystore + keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); + } finally { + leap_keystore.close(); + } + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (NoSuchAlgorithmException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } } |