diff options
Diffstat (limited to 'src/se/leap')
-rw-r--r-- | src/se/leap/leapclient/ConfigHelper.java | 81 | ||||
-rw-r--r-- | src/se/leap/leapclient/ConfigurationWizard.java | 53 | ||||
-rw-r--r-- | src/se/leap/leapclient/LeapHttpClient.java | 16 | ||||
-rw-r--r-- | src/se/leap/leapclient/NewProviderDialog.java | 6 | ||||
-rw-r--r-- | src/se/leap/leapclient/ProviderAPI.java | 116 | ||||
-rw-r--r-- | src/se/leap/leapclient/ProviderListContent.java | 6 |
6 files changed, 208 insertions, 70 deletions
diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index 52365762..7476c89a 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -8,6 +8,13 @@ import java.io.FileNotFoundException; import java.io.FileWriter; import java.io.IOException; import java.math.BigInteger; +import java.io.InputStream; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; import org.json.JSONException; import org.json.JSONObject; @@ -19,6 +26,7 @@ import android.util.Log; public class ConfigHelper { public static SharedPreferences shared_preferences; + private static KeyStore keystore_trusted; final static String downloadJsonFilesBundleExtra = "downloadJSONFiles"; final static String downloadNewProviderDotJSON = "downloadNewProviderDotJSON"; @@ -30,7 +38,7 @@ public class ConfigHelper { final static String eip_service_key = "eip"; public static final String PREFERENCES_KEY = "LEAPPreferences"; public static final String user_directory = "leap_android"; - public static String provider_key_url = "provider_main_url"; + public static String provider_main_url = "provider_main_url"; final public static String srp_server_url_key = "srp_server_url"; final public static String username_key = "username"; final public static String password_key = "password"; @@ -104,4 +112,75 @@ public class ConfigHelper { SharedPreferences shared_preferences) { ConfigHelper.shared_preferences = shared_preferences; } + + public static void addTrustedCertificate(String provider, InputStream inputStream) { + CertificateFactory cf; + try { + cf = CertificateFactory.getInstance("X.509"); + X509Certificate cert = + (X509Certificate)cf.generateCertificate(inputStream); + keystore_trusted.setCertificateEntry(provider, cert); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + public static void addTrustedCertificate(String provider, String certificate) { + String filename_to_save = provider + "_certificate.cer"; + saveFile(filename_to_save, certificate); + CertificateFactory cf; + try { + cf = CertificateFactory.getInstance("X.509"); + X509Certificate cert = + (X509Certificate)cf.generateCertificate(openFileInputStream(filename_to_save)); + keystore_trusted.setCertificateEntry(provider, cert); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + public static KeyStore getKeystore() { + return keystore_trusted; + } + + public static void getNewKeystore(InputStream leap_keystore) { + try { + keystore_trusted = KeyStore.getInstance("BKS"); + try { + // Initialize the keystore with the provided trusted certificates + // Also provide the password of the keystore + keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); + //keystore_trusted.load(null, null); + } finally { + leap_keystore.close(); + } + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (NoSuchAlgorithmException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + public static int getSrpAuthenticationFailed() { + return SRP_AUTHENTICATION_FAILED; + }static String extractProviderName(String provider_main_url) { + + return null; + } } diff --git a/src/se/leap/leapclient/ConfigurationWizard.java b/src/se/leap/leapclient/ConfigurationWizard.java index 33ff31fe..0d445227 100644 --- a/src/se/leap/leapclient/ConfigurationWizard.java +++ b/src/se/leap/leapclient/ConfigurationWizard.java @@ -1,6 +1,7 @@ package se.leap.leapclient;
import java.io.IOException;
+import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.Iterator;
import java.util.Scanner;
@@ -16,11 +17,11 @@ import android.app.Fragment; import android.app.FragmentManager;
import android.app.FragmentTransaction;
import android.content.Intent;
-import android.content.SharedPreferences;
import android.content.res.AssetManager;
import android.os.Bundle;
import android.os.Handler;
import android.view.View;
+import android.widget.Toast;
/**
@@ -56,9 +57,16 @@ public class ConfigurationWizard extends Activity super.onCreate(savedInstanceState);
setContentView(R.layout.activity_configuration_wizard);
-
+ + ConfigHelper.setSharedPreferences(getSharedPreferences(ConfigHelper.PREFERENCES_KEY, MODE_PRIVATE));
+ loadPreseededProviders();
+ if(ConfigHelper.getKeystore() == null) {
+ InputStream keystore_input_stream = getResources().openRawResource(R.raw.leapkeystore);
+ ConfigHelper.getNewKeystore(keystore_input_stream);
+ }
+
// Only create our fragments if we're not restoring a saved instance
if ( savedInstanceState == null ){
// TODO Some welcome screen?
@@ -114,29 +122,26 @@ public class ConfigurationWizard extends Activity if(current_provider_item.id.equalsIgnoreCase(id))
{
try {
- if(!current_provider_item.custom)
- processAssetsFiles(current_provider_item);
- // TODO ask Provider class to save provider.json, setResult(OK), finish() to ConfigurationWizard
- downloadJSONFiles(current_provider_item);
+ saveProviderJson(current_provider_item);
+ downloadJSONFiles(current_provider_item);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
-
- // FIXME!! We're going to have more Fragments and listeners, flow control?
- // TODO There is no testing done to know if we're okay...
- setResult(RESULT_OK);
- finish();
}
}
- private void processAssetsFiles(ProviderItem current_provider_item) {
+ private void saveProviderJson(ProviderItem current_provider_item) {
AssetManager assets_manager = getAssets();
JSONObject provider_json = new JSONObject();
try {
- String provider_contents = new Scanner(new InputStreamReader(assets_manager.open(current_provider_item.provider_json_assets))).useDelimiter("\\A").next();
+ String provider_contents = "";
+ if(!current_provider_item.custom)
+ provider_contents = new Scanner(new InputStreamReader(assets_manager.open(current_provider_item.provider_json_filename))).useDelimiter("\\A").next();
+ else
+ provider_contents = new Scanner(ConfigHelper.openFileInputStream(current_provider_item.provider_json_filename)).useDelimiter("\\A").next();
provider_json = new JSONObject(provider_contents);
} catch (IOException e) {
// TODO Auto-generated catch block
@@ -148,17 +153,21 @@ public class ConfigurationWizard extends Activity }
private void downloadJSONFiles(ProviderItem current_provider_item) throws IOException {
+ providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler());
+ providerAPI_result_receiver.setReceiver(this);
+
Intent provider_API_command = new Intent(this, ProviderAPI.class);
Bundle method_and_parameters = new Bundle();
+
+ method_and_parameters.putString(ConfigHelper.provider_key, current_provider_item.name);
method_and_parameters.putString(ConfigHelper.cert_key, current_provider_item.cert_json_url);
method_and_parameters.putString(ConfigHelper.eip_service_key, current_provider_item.eip_service_json_url);
provider_API_command.putExtra(ConfigHelper.downloadJsonFilesBundleExtra, method_and_parameters);
provider_API_command.putExtra("receiver", providerAPI_result_receiver);
-
+ startService(provider_API_command);
-
}
public void addNewProvider(View view) {
@@ -174,14 +183,14 @@ public class ConfigurationWizard extends Activity }
@Override
- public void saveProvider(String provider_url) {
+ public void saveProvider(String provider_main_url) {
providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler());
providerAPI_result_receiver.setReceiver(this);
Intent provider_API_command = new Intent(this, ProviderAPI.class);
Bundle method_and_parameters = new Bundle();
- method_and_parameters.putString(ConfigHelper.provider_key_url, provider_url);
+ method_and_parameters.putString(ConfigHelper.provider_main_url, provider_main_url);
provider_API_command.putExtra(ConfigHelper.downloadNewProviderDotJSON, method_and_parameters);
provider_API_command.putExtra("receiver", providerAPI_result_receiver);
@@ -198,12 +207,14 @@ public class ConfigurationWizard extends Activity fragmentManager.beginTransaction()
.replace(R.id.configuration_wizard_layout, providerList, "providerlist")
.commit();
+ } + else if(resultCode == ConfigHelper.CORRECTLY_DOWNLOADED_JSON_FILES) {
+ setResult(RESULT_OK);
+ finish();
}
else if(resultCode == ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES) {
- // TODO Show error
- }
- else if(resultCode == ConfigHelper.CORRECTLY_DOWNLOADED_JSON_FILES) {
- // TODO Show nothing? Show success?
+ setResult(RESULT_CANCELED);
+ Toast.makeText(getApplicationContext(), "You have not entered a LEAP provider URL", Toast.LENGTH_LONG).show(); }
}
}
diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index fd6db745..d1908c34 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -1,6 +1,5 @@ package se.leap.leapclient; -import java.io.InputStream; import java.security.KeyStore; import org.apache.http.conn.ClientConnectionManager; @@ -35,23 +34,16 @@ public class LeapHttpClient extends DefaultHttpClient { private SSLSocketFactory newSslSocketFactory() { try { // Get an instance of the Bouncy Castle KeyStore format - KeyStore trusted = KeyStore.getInstance("BKS"); - // Get the raw resource, which contains the keystore with - // your trusted certificates (root and any intermediate certs) - InputStream in = context.getResources().openRawResource(R.raw.leapkeystore); - try { - // Initialize the keystore with the provided trusted certificates - // Also provide the password of the keystore - trusted.load(in, "uer92jf".toCharArray()); - } finally { - in.close(); - } + KeyStore trusted = ConfigHelper.getKeystore(); + // Pass the keystore to the SSLSocketFactory. The factory is responsible // for the verification of the server certificate. SSLSocketFactory sf = new SSLSocketFactory(trusted); + // Hostname verification from certificate // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); + return sf; } catch (Exception e) { throw new AssertionError(e); diff --git a/src/se/leap/leapclient/NewProviderDialog.java b/src/se/leap/leapclient/NewProviderDialog.java index 09e7453a..88e4711c 100644 --- a/src/se/leap/leapclient/NewProviderDialog.java +++ b/src/se/leap/leapclient/NewProviderDialog.java @@ -8,8 +8,6 @@ import android.content.DialogInterface; import android.os.Bundle; import android.view.LayoutInflater; import android.view.View; -import android.view.ViewGroup; -import android.webkit.WebView.FindListener; import android.widget.EditText; import android.widget.Toast; @@ -52,10 +50,10 @@ public class NewProviderDialog extends DialogFragment { String entered_url = url_input_field.getText().toString().trim(); if(validURL(entered_url)) { interface_with_ConfigurationWizard.saveProvider(entered_url); - Toast.makeText(getActivity().getApplicationContext(), "Valid URL", Toast.LENGTH_LONG).show(); + Toast.makeText(getActivity().getApplicationContext(), "It seems your URL is well formed", Toast.LENGTH_LONG).show(); } else { url_input_field.setText(""); - Toast.makeText(getActivity().getApplicationContext(), "Not valid URL", Toast.LENGTH_LONG).show(); + Toast.makeText(getActivity().getApplicationContext(), "It seems your URL is not well formed", Toast.LENGTH_LONG).show(); } } }) diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java index ea1410ad..4ffd2762 100644 --- a/src/se/leap/leapclient/ProviderAPI.java +++ b/src/se/leap/leapclient/ProviderAPI.java @@ -4,6 +4,9 @@ import java.io.IOException; import java.math.BigInteger; import java.security.NoSuchAlgorithmException; import java.util.List; +import java.net.MalformedURLException; +import java.net.URL; +import java.net.UnknownHostException; import java.util.Scanner; import org.apache.http.HttpEntity; @@ -17,7 +20,6 @@ import org.apache.http.cookie.Cookie; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.protocol.BasicHttpContext; import org.apache.http.protocol.HttpContext; -import org.jboss.security.srp.SRPClientSession; import org.jboss.security.srp.SRPParameters; import org.json.JSONException; import org.json.JSONObject; @@ -42,7 +44,6 @@ public class ProviderAPI extends IntentService { final ResultReceiver receiver = task_for.getParcelableExtra("receiver"); Bundle task; - System.out.println("onHandleIntent called"); if((task = task_for.getBundleExtra(ConfigHelper.downloadJsonFilesBundleExtra)) != null) { if(!downloadJsonFiles(task)) receiver.send(ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); @@ -50,35 +51,10 @@ public class ProviderAPI extends IntentService { receiver.send(ConfigHelper.CORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); } else if ((task = task_for.getBundleExtra(ConfigHelper.downloadNewProviderDotJSON)) != null) { - boolean custom = true; - String provider_main_url = (String) task.get(ConfigHelper.provider_key_url); - String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_"); - String provider_json_url = guessURL(provider_main_url); - try { - JSONObject provider_json = getJSONFromProvider(provider_json_url); - String filename = provider_name + "_provider.json".replaceFirst("__", "_"); - ConfigHelper.saveFile(filename, provider_json.toString()); - ProviderListContent.addItem(new ProviderItem(provider_name, ConfigHelper.openFileInputStream(filename), custom)); - receiver.send(ConfigHelper.CUSTOM_PROVIDER_ADDED, Bundle.EMPTY); - } catch (IOException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - } - else if ((task = task_for.getBundleExtra(ConfigHelper.srpRegister)) != null) { - if(!registerWithSRP(task)) - receiver.send(ConfigHelper.SRP_REGISTRATION_FAILED, Bundle.EMPTY); - else - receiver.send(ConfigHelper.SRP_REGISTRATION_SUCCESSFUL, Bundle.EMPTY); - } - else if ((task = task_for.getBundleExtra(ConfigHelper.srpAuth)) != null) { - if(!authenticateBySRP(task)) - receiver.send(ConfigHelper.SRP_AUTHENTICATION_FAILED, Bundle.EMPTY); + if(downloadNewProviderDotJSON(task)) + receiver.send(ConfigHelper.CORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); else - receiver.send(ConfigHelper.SRP_AUTHENTICATION_SUCCESSFUL, Bundle.EMPTY); + receiver.send(ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); } } @@ -202,6 +178,86 @@ public class ProviderAPI extends IntentService { return json_response.getString("M2").getBytes(); } + private boolean downloadNewProviderDotJSON(Bundle task) { + boolean custom = true; + String provider_main_url = (String) task.get(ConfigHelper.provider_main_url); + String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_"); + String provider_json_url = guessURL(provider_main_url); + JSONObject provider_json = null; + try { + provider_json = getJSONFromProvider(provider_json_url); + } catch (IOException e) { + // It could happen that an https site used a certificate not trusted. + provider_json = downloadNewProviderDotJsonWithoutCert(provider_json_url); + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + return false; + } + + if(provider_json == null) { + return false; + } else { + String filename = provider_name + "_provider.json".replaceFirst("__", "_"); + ConfigHelper.saveFile(filename, provider_json.toString()); + ConfigHelper.saveSharedPref(ConfigHelper.provider_key, provider_json); + + ProviderListContent.addItem(new ProviderItem(provider_name, ConfigHelper.openFileInputStream(filename), custom)); + return true; + } + } + + private boolean downloadJsonFilesBundleExtra(Bundle task) { + //TODO task only contains provider main url -> we need to infer cert_url, provider_name and eip_service_json_url from that. + String provider_main_url = (String) task.get(ConfigHelper.provider_main_url); + String provider_name = ConfigHelper.extractProviderName(provider_main_url); + String cert_url = (String) task.get(ConfigHelper.cert_key); + String eip_service_json_url = (String) task.get(ConfigHelper.eip_service_key); + try { + //JSONObject provider_json = new JSONObject("{ \"provider\" : \"" + provider_name + "\"}"); + //ConfigHelper.saveSharedPref(ConfigHelper.provider_key, provider_json); + + /*String cert_string = getStringFromProvider(cert_url); + JSONObject cert_json = new JSONObject("{ \"certificate\" : \"" + cert_string + "\"}"); + ConfigHelper.saveSharedPref(ConfigHelper.cert_key, cert_json); + ConfigHelper.addTrustedCertificate(provider_name, cert_string);*/ + URL cacert = new URL(cert_url); + ConfigHelper.addTrustedCertificate(provider_name, cacert.openStream()); + JSONObject eip_service_json = getJSONFromProvider(eip_service_json_url); + ConfigHelper.saveSharedPref(ConfigHelper.eip_service_key, eip_service_json); + return true; + } catch (IOException e) { + //TODO It could happen when the url is not valid. + e.printStackTrace(); + return false; + } catch (JSONException e) { + ConfigHelper.rescueJSONException(e); + return false; + } catch(Exception e) { + e.printStackTrace(); + return false; + } + } + + private JSONObject downloadNewProviderDotJsonWithoutCert( + String provider_json_url) { + JSONObject provider_json = null; + try { + URL provider_url = new URL(provider_json_url); + String provider_json_string = new Scanner(provider_url.openStream()).useDelimiter("\\A").next(); + provider_json = new JSONObject(provider_json_string); + } catch (MalformedURLException e1) { + e1.printStackTrace(); + } catch (UnknownHostException e1) { + e1.printStackTrace(); + } catch (IOException e1) { + e1.printStackTrace(); + } catch (JSONException e1) { + e1.printStackTrace(); + } + return provider_json; + } + private String guessURL(String provider_main_url) { return provider_main_url + "/provider.json"; } diff --git a/src/se/leap/leapclient/ProviderListContent.java b/src/se/leap/leapclient/ProviderListContent.java index d475d368..dd227bfd 100644 --- a/src/se/leap/leapclient/ProviderListContent.java +++ b/src/se/leap/leapclient/ProviderListContent.java @@ -41,7 +41,7 @@ public class ProviderListContent { public String id;
public String name;
public String provider_json_url;
- public String provider_json_assets;
+ public String provider_json_filename;
public String eip_service_json_url;
public String cert_json_url;
@@ -63,7 +63,7 @@ public class ProviderListContent { id = name;
this.name = name;
provider_json_url = (String) file_contents.get("json_provider");
- provider_json_assets = (String) file_contents.get("assets_json_provider");
+ provider_json_filename = (String) file_contents.get("assets_json_provider");
eip_service_json_url = (String) file_contents.get("json_eip_service");
cert_json_url = (String) file_contents.get("cert");
this.custom = custom;
@@ -88,6 +88,8 @@ public class ProviderListContent { eip_service_json_url = (String) file_contents.get("api_uri") + ConfigHelper.eip_service_api_path;
cert_json_url = (String) file_contents.get("ca_cert_uri");
this.custom = custom;
+ if(custom)
+ provider_json_filename = name + "_provider.json".replaceFirst("__", "_");
} catch (JSONException e) {
// TODO Auto-generated catch block
e.printStackTrace();
|