From 319589d126dd5e5fa20ee146f52268c99559f04c Mon Sep 17 00:00:00 2001 From: cyBerta Date: Wed, 3 Jan 2018 15:59:30 +0100 Subject: 8773 preseeded providers implementation for production flavor --- .../java/se/leap/bitmaskclient/ConfigHelper.java | 49 +++++++++++++++++++++- 1 file changed, 48 insertions(+), 1 deletion(-) (limited to 'app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java') diff --git a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java index fd1e2080..ed527a54 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java @@ -27,6 +27,8 @@ import java.security.cert.*; import java.security.interfaces.*; import java.security.spec.*; +import static android.R.attr.name; + /** * Stores constants, and implements auxiliary methods used across all LEAP Android classes. * @@ -34,6 +36,7 @@ import java.security.spec.*; * @author MeanderingCode */ public class ConfigHelper { + private static final String TAG = ConfigHelper.class.getName(); private static KeyStore keystore_trusted; final public static String NG_1024 = @@ -42,7 +45,7 @@ public class ConfigHelper { public static boolean checkErroneousDownload(String downloaded_string) { try { - if (new JSONObject(downloaded_string).has(ProviderAPI.ERRORS) || downloaded_string.isEmpty()) { + if (downloaded_string == null || downloaded_string.isEmpty() || new JSONObject(downloaded_string).has(ProviderAPI.ERRORS)) { return true; } else { return false; @@ -99,6 +102,38 @@ public class ConfigHelper { return (X509Certificate) certificate; } + + public static String loadInputStreamAsString(InputStream inputStream) { + BufferedReader in = null; + try { + StringBuilder buf = new StringBuilder(); + in = new BufferedReader(new InputStreamReader(inputStream)); + + String str; + boolean isFirst = true; + while ( (str = in.readLine()) != null ) { + if (isFirst) + isFirst = false; + else + buf.append('\n'); + buf.append(str); + } + return buf.toString(); + } catch (IOException e) { + Log.e(TAG, "Error opening asset " + name); + } finally { + if (in != null) { + try { + in.close(); + } catch (IOException e) { + Log.e(TAG, "Error closing asset " + name); + } + } + } + + return null; + } + protected static RSAPrivateKey parseRsaKeyFromString(String rsaKeyString) { RSAPrivateKey key = null; try { @@ -126,6 +161,18 @@ public class ConfigHelper { return key; } + public static String base64toHex(String base64_input) { + byte[] byteArray = Base64.decode(base64_input, Base64.DEFAULT); + int readBytes = byteArray.length; + StringBuffer hexData = new StringBuffer(); + int onebyte; + for (int i = 0; i < readBytes; i++) { + onebyte = ((0x000000ff & byteArray[i]) | 0xffffff00); + hexData.append(Integer.toHexString(onebyte).substring(6)); + } + return hexData.toString(); + } + /** * Adds a new X509 certificate given its input stream and its provider name * -- cgit v1.2.3 From 0b647ea5e7ff67747080b2ffcebc948da0fbecb5 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Tue, 9 Jan 2018 20:55:10 +0100 Subject: 8773 refactoring ProviderAPI for testability, setting up basic unit test framework --- .../java/se/leap/bitmaskclient/ConfigHelper.java | 60 ++++++++++++++-------- 1 file changed, 40 insertions(+), 20 deletions(-) (limited to 'app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java') diff --git a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java index ed527a54..54bcc1f4 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java @@ -16,16 +16,33 @@ */ package se.leap.bitmaskclient; -import android.util.*; - -import org.json.*; - -import java.io.*; -import java.math.*; -import java.security.*; -import java.security.cert.*; -import java.security.interfaces.*; -import java.security.spec.*; +import android.support.annotation.NonNull; +import android.util.Log; + +import org.json.JSONException; +import org.json.JSONObject; +import org.spongycastle.util.encoders.Base64; + +import java.io.BufferedReader; +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.UnsupportedEncodingException; +import java.math.BigInteger; +import java.security.KeyFactory; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.security.interfaces.RSAPrivateKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.PKCS8EncodedKeySpec; import static android.R.attr.name; @@ -82,7 +99,7 @@ public class ConfigHelper { cf = CertificateFactory.getInstance("X.509"); certificate_string = certificate_string.replaceFirst("-----BEGIN CERTIFICATE-----", "").replaceFirst("-----END CERTIFICATE-----", "").trim(); - byte[] cert_bytes = Base64.decode(certificate_string, Base64.DEFAULT); + byte[] cert_bytes = Base64.decode(certificate_string); InputStream caInput = new ByteArrayInputStream(cert_bytes); try { certificate = cf.generateCertificate(caInput); @@ -90,15 +107,9 @@ public class ConfigHelper { } finally { caInput.close(); } - } catch (CertificateException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (IOException e) { - return null; - } catch (IllegalArgumentException e) { + } catch (NullPointerException | CertificateException | IOException | IllegalArgumentException e) { return null; } - return (X509Certificate) certificate; } @@ -139,7 +150,7 @@ public class ConfigHelper { try { KeyFactory kf = KeyFactory.getInstance("RSA", "BC"); rsaKeyString = rsaKeyString.replaceFirst("-----BEGIN RSA PRIVATE KEY-----", "").replaceFirst("-----END RSA PRIVATE KEY-----", ""); - PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decode(rsaKeyString, Base64.DEFAULT)); + PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decode(rsaKeyString)); key = (RSAPrivateKey) kf.generatePrivate(keySpec); } catch (InvalidKeySpecException e) { // TODO Auto-generated catch block @@ -162,7 +173,7 @@ public class ConfigHelper { } public static String base64toHex(String base64_input) { - byte[] byteArray = Base64.decode(base64_input, Base64.DEFAULT); + byte[] byteArray = Base64.decode(base64_input); int readBytes = byteArray.length; StringBuffer hexData = new StringBuffer(); int onebyte; @@ -172,6 +183,15 @@ public class ConfigHelper { } return hexData.toString(); } + + @NonNull + public static String getFingerprintFromCertificate(X509Certificate certificate, String encoding) throws NoSuchAlgorithmException, CertificateEncodingException /*, UnsupportedEncodingException*/ { + return base64toHex( + //new String(Base64.encode(MessageDigest.getInstance(encoding).digest(certificate.getEncoded())), "US-ASCII")); + android.util.Base64.encodeToString( + MessageDigest.getInstance(encoding).digest(certificate.getEncoded()), + android.util.Base64.DEFAULT)); + } /** * Adds a new X509 certificate given its input stream and its provider name -- cgit v1.2.3 From ae8341cf1f563fbcf2bdd6a4eff9525f42e9e995 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Wed, 10 Jan 2018 17:14:45 +0100 Subject: 8773 more test cases and clean-up --- .../java/se/leap/bitmaskclient/ConfigHelper.java | 25 +++++++++++++--------- 1 file changed, 15 insertions(+), 10 deletions(-) (limited to 'app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java') diff --git a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java index 54bcc1f4..0e861059 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/ConfigHelper.java @@ -47,7 +47,7 @@ import java.security.spec.PKCS8EncodedKeySpec; import static android.R.attr.name; /** - * Stores constants, and implements auxiliary methods used across all LEAP Android classes. + * Stores constants, and implements auxiliary methods used across all Bitmask Android classes. * * @author parmegv * @author MeanderingCode @@ -172,25 +172,30 @@ public class ConfigHelper { return key; } - public static String base64toHex(String base64_input) { - byte[] byteArray = Base64.decode(base64_input); - int readBytes = byteArray.length; + private static String byteArrayToHex(byte[] input) { + int readBytes = input.length; StringBuffer hexData = new StringBuffer(); int onebyte; for (int i = 0; i < readBytes; i++) { - onebyte = ((0x000000ff & byteArray[i]) | 0xffffff00); + onebyte = ((0x000000ff & input[i]) | 0xffffff00); hexData.append(Integer.toHexString(onebyte).substring(6)); } return hexData.toString(); } + /** + * Calculates the hexadecimal representation of a sha256/sha1 fingerprint of a certificate + * + * @param certificate + * @param encoding + * @return + * @throws NoSuchAlgorithmException + * @throws CertificateEncodingException + */ @NonNull public static String getFingerprintFromCertificate(X509Certificate certificate, String encoding) throws NoSuchAlgorithmException, CertificateEncodingException /*, UnsupportedEncodingException*/ { - return base64toHex( - //new String(Base64.encode(MessageDigest.getInstance(encoding).digest(certificate.getEncoded())), "US-ASCII")); - android.util.Base64.encodeToString( - MessageDigest.getInstance(encoding).digest(certificate.getEncoded()), - android.util.Base64.DEFAULT)); + byte[] byteArray = MessageDigest.getInstance(encoding).digest(certificate.getEncoded()); + return byteArrayToHex(byteArray); } /** -- cgit v1.2.3