Diffstat (limited to 'app/src/main/java/se/leap/bitmaskclient/base')
-rw-r--r-- | app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java | 32 | ||||
-rw-r--r-- | app/src/main/java/se/leap/bitmaskclient/base/utils/KeyStoreHelper.java | 78 |
2 files changed, 19 insertions, 91 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
index 6c242e5a..27943022 100644
--- a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
+++ b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
@@ -37,6 +37,7 @@ import java.security.KeyFactory;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
+import java.security.cert.Certificate;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
@@ -44,7 +45,9 @@ import java.security.cert.X509Certificate;
 import java.security.interfaces.RSAPrivateKey;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.PKCS8EncodedKeySpec;
+import java.util.ArrayList;
 import java.util.Calendar;
+import java.util.Collection;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
@@ -99,25 +102,28 @@ public class ConfigHelper { return ret; } - public static X509Certificate parseX509CertificateFromString(String certificateString) { - java.security.cert.Certificate certificate = null; + public static ArrayList<X509Certificate> parseX509CertificatesFromString(String certificateString) { + Collection<? extends Certificate> certificates; CertificateFactory cf; try { cf = CertificateFactory.getInstance("X.509"); - certificateString = certificateString.replaceFirst("-----BEGIN CERTIFICATE-----", "").replaceFirst("-----END CERTIFICATE-----", "").trim(); - byte[] cert_bytes = Base64.decode(certificateString); - InputStream caInput = new ByteArrayInputStream(cert_bytes); - try { - certificate = cf.generateCertificate(caInput); - System.out.println("ca=" + ((X509Certificate) certificate).getSubjectDN()); - } finally { - caInput.close(); + certificateString = certificateString.replaceAll("-----BEGIN CERTIFICATE-----", "").trim().replaceAll("-----END CERTIFICATE-----", "").trim(); + byte[] certBytes = Base64.decode(certificateString); + try (InputStream caInput = new ByteArrayInputStream(certBytes)) { + certificates = cf.generateCertificates(caInput); + if (certificates != null) { + for (Certificate cert : certificates) { + System.out.println("ca=" + ((X509Certificate) cert).getSubjectDN()); + } + return (ArrayList<X509Certificate>) certificates; + } } - } catch (NullPointerException | CertificateException | IOException | IllegalArgumentException e) { - return null; + } catch (NullPointerException | CertificateException | IOException | IllegalArgumentException | ClassCastException e) { + e.printStackTrace(); } - return (X509Certificate) certificate; + + return null; } public static RSAPrivateKey parseRsaKeyFromString(String rsaKeyString) { diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/KeyStoreHelper.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/KeyStoreHelper.java deleted file mode 100644 index b0b28993..00000000 
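Review bot: The cast `(ArrayList<X509Certificate>) certificates` in `parseX509CertificatesFromString` depends on the concrete collection type the X.509 provider happens to return, while `generateCertificates` only promises a `Collection<? extends Certificate>`. If a provider returns any other collection type, the `ClassCastException` is caught, only a stack trace is printed and the method returns null, so a well-formed CA bundle is silently reported as unparsable. Copying the elements into a new `ArrayList` with an `instanceof X509Certificate` check removes that dependency and makes `ClassCastException` unnecessary in the catch list. `generateCertificates` may also return an empty collection, so callers (outside this hunk) would have to reject an empty list as well as null before trusting the result.

```java
try (InputStream caInput = new ByteArrayInputStream(certBytes)) {
    certificates = cf.generateCertificates(caInput);
    // … unchanged: null check on certificates …
    ArrayList<X509Certificate> parsed = new ArrayList<>(certificates.size());
    for (Certificate cert : certificates) {
        if (!(cert instanceof X509Certificate)) {
            // refuse the whole bundle rather than return a partial trust set
            return null;
        }
        parsed.add((X509Certificate) cert);
    }
    return parsed;
```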
--- a/app/src/main/java/se/leap/bitmaskclient/base/utils/KeyStoreHelper.java
+++ /dev/null
@@ -1,78 +0,0 @@
-package se.leap.bitmaskclient.base.utils;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-
-/**
- * Created by cyberta on 18.03.18.
- */
-
-public class KeyStoreHelper {
- private static KeyStore trustedKeystore;
-
- /**
- * Adds a new X509 certificate given its input stream and its provider name
- *
- * @param provider used to store the certificate in the keystore
- * @param inputStream from which X509 certificate must be generated.
- */
- public static void addTrustedCertificate(String provider, InputStream inputStream) {
- CertificateFactory cf;
- try {
- cf = CertificateFactory.getInstance("X.509");
- X509Certificate cert =
- (X509Certificate) cf.generateCertificate(inputStream);
- trustedKeystore.setCertificateEntry(provider, cert);
- } catch (CertificateException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- } catch (KeyStoreException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
- /**
- * Adds a new X509 certificate given in its string from and using its provider name
- *
- * @param provider used to store the certificate in the keystore
- * @param certificate
- */
- public static void addTrustedCertificate(String provider, String certificate) {
-
- try {
- X509Certificate cert = ConfigHelper.parseX509CertificateFromString(certificate);
- if (trustedKeystore == null) {
- trustedKeystore = KeyStore.getInstance("BKS");
- trustedKeystore.load(null);
- }
- trustedKeystore.setCertificateEntry(provider, cert);
- } catch (KeyStoreException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- } catch (NoSuchAlgorithmException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- } catch (CertificateException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- } catch (IOException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
- /**
- * @return class wide keystore
- */
- public static KeyStore getKeystore() {
- return trustedKeystore;
- }
-
-} |