diff options
Diffstat (limited to 'app/src/main')
-rw-r--r-- | app/src/main/java/se/leap/bitmaskclient/Provider.java | 14 | ||||
-rw-r--r-- | app/src/main/java/se/leap/bitmaskclient/ProviderManager.java | 52 | ||||
-rw-r--r-- | app/src/main/res/values-es/strings.xml | 1 | ||||
-rw-r--r-- | app/src/main/res/values/strings.xml | 1 |
4 files changed, 44 insertions, 24 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index ee06a586..a030927d 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -32,6 +32,7 @@ public final class Provider implements Parcelable { private JSONObject definition; // Represents our Provider's provider.json private URL main_url; + private String certificate_pin = ""; final public static String API_URL = "api_uri", @@ -62,8 +63,9 @@ public final class Provider implements Parcelable { this.main_url = main_url; } - public Provider(File provider_file) { - + public Provider(URL main_url, String certificate_pin) { + this.main_url = main_url; + this.certificate_pin = certificate_pin; } public static final Parcelable.Creator<Provider> CREATOR @@ -81,11 +83,9 @@ public final class Provider implements Parcelable { try { main_url = new URL(in.readString()); String definition_string = in.readString(); - if (definition_string != null) + if (!definition_string.isEmpty()) definition = new JSONObject((definition_string)); - } catch (MalformedURLException e) { - e.printStackTrace(); - } catch (JSONException e) { + } catch (MalformedURLException | JSONException e) { e.printStackTrace(); } } @@ -106,6 +106,8 @@ public final class Provider implements Parcelable { return main_url; } + protected String certificatePin() { return certificate_pin; } + protected String getName() { // Should we pass the locale in, or query the system here? String lang = Locale.getDefault().getLanguage(); diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java b/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java index 40fe8b5a..220a71c8 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java @@ -49,11 +49,14 @@ public class ProviderManager implements AdapteeCollection<Provider> { Set<Provider> providers = new HashSet<Provider>(); try { for (String file : relative_file_paths) { - String main_url = extractMainUrlFromInputStream(assets_manager.open(directory + "/" + file)); - providers.add(new Provider(new URL(main_url))); + InputStream provider_file = assets_manager.open(directory + "/" + file); + String main_url = extractMainUrlFromInputStream(provider_file); + String certificate_pin = extractCertificatePinFromInputStream(provider_file); + if(certificate_pin.isEmpty()) + providers.add(new Provider(new URL(main_url))); + else + providers.add(new Provider(new URL(main_url), certificate_pin)); } - } catch (MalformedURLException e) { - e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } @@ -75,30 +78,43 @@ public class ProviderManager implements AdapteeCollection<Provider> { String main_url = extractMainUrlFromInputStream(new FileInputStream(external_files_dir.getAbsolutePath() + "/" + file)); providers.add(new Provider(new URL(main_url))); } - } catch (MalformedURLException e) { - e.printStackTrace(); - } catch (FileNotFoundException e) { + } catch (MalformedURLException | FileNotFoundException e) { e.printStackTrace(); } return providers; } - private String extractMainUrlFromInputStream(InputStream input_stream_file_contents) { + private String extractMainUrlFromInputStream(InputStream input_stream) { String main_url = ""; - byte[] bytes = new byte[0]; + + JSONObject file_contents = inputStreamToJson(input_stream); + if(file_contents != null) + main_url = file_contents.optString(Provider.MAIN_URL); + return main_url; + } + + private String extractCertificatePinFromInputStream(InputStream input_stream) { + String certificate_pin = ""; + + JSONObject file_contents = inputStreamToJson(input_stream); + if(file_contents != null) + certificate_pin = file_contents.optString(Provider.CA_CERT_FINGERPRINT); + + return certificate_pin; + } + + private JSONObject inputStreamToJson(InputStream input_stream) { + JSONObject json = null; try { - bytes = new byte[input_stream_file_contents.available()]; - if (input_stream_file_contents.read(bytes) > 0) { - JSONObject file_contents = new JSONObject(new String(bytes)); - main_url = file_contents.getString(Provider.MAIN_URL); - } - } catch (IOException e) { - e.printStackTrace(); - } catch (JSONException e) { + byte[] bytes = new byte[input_stream.available()]; + if (input_stream.read(bytes) > 0) + json = new JSONObject(new String(bytes)); + input_stream.reset(); + } catch (IOException | JSONException e) { e.printStackTrace(); } - return main_url; + return json; } public Set<Provider> providers() { diff --git a/app/src/main/res/values-es/strings.xml b/app/src/main/res/values-es/strings.xml index 7ab5150e..82ca44e9 100644 --- a/app/src/main/res/values-es/strings.xml +++ b/app/src/main/res/values-es/strings.xml @@ -48,6 +48,7 @@ <string name="setup_error_close_button">Salir</string> <string name="setup_error_text">Sucedió un error configurando Bitmask con tu proveedor elegido.\n\nPuedes volver a intentarlo, o elegir otro proveedor.</string> <string name="server_unreachable_message">No se ha detectado red para hablar con el servidor, inténtalo de nuevo.</string> + <string name="error.security.pinnedcertificate">Error de seguridad, actualiza la aplicación o elige otro proveedor.</string> <string name="malformed_url">No parece que sea un proveedor de Bitmask.</string> <string name="certificate_error">No es un proveedor de Bitmak de confianza.</string> <string name="service_is_down_error">El servicio está caído.</string> diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml index ac6191a9..bcfd3a2c 100644 --- a/app/src/main/res/values/strings.xml +++ b/app/src/main/res/values/strings.xml @@ -47,6 +47,7 @@ <string name="setup_error_close_button">Exit</string> <string name="setup_error_text">There was an error configuring Bitmask with your chosen provider.\n\nYou may choose to reconfigure, or exit and configure a provider upon next launch.</string> <string name="server_unreachable_message">Server is unreachable, please try again.</string> + <string name="error.security.pinnedcertificate">Security error, update the app or choose another provider.</string> <string name="malformed_url">It doesn\'t seem to be a Bitmask provider.</string> <string name="certificate_error">This is not a trusted Bitmask provider.</string> <string name="service_is_down_error">Service is down.</string> |