From e2b289726f3c1813f9fafecc94bc61a70dbdb899 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?= <parmegv@sdf.org>
Date: Tue, 21 Apr 2015 20:37:19 +0200
Subject: Pinning connection to provider.json

Using AndroidPinning library from Moxie, I make sure the provider.json
file Bitmask downloads is fetched from a pinned https connection, so
that the api certificate fingerprint is the good one.
---
 app/src/main/java/se/leap/bitmaskclient/Provider.java | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/Provider.java')

diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java
index ee06a586..54bfcc19 100644
--- a/app/src/main/java/se/leap/bitmaskclient/Provider.java
+++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java
@@ -32,6 +32,7 @@ public final class Provider implements Parcelable {
 
     private JSONObject definition; // Represents our Provider's provider.json
     private URL main_url;
+    private String certificate_pin;
 
     final public static String
             API_URL = "api_uri",
@@ -62,8 +63,9 @@ public final class Provider implements Parcelable {
         this.main_url = main_url;
     }
 
-    public Provider(File provider_file) {
-
+    public Provider(URL main_url, String certificate_pin) {
+        this.main_url = main_url;
+        this.certificate_pin = certificate_pin;
     }
 
     public static final Parcelable.Creator<Provider> CREATOR
@@ -81,11 +83,9 @@ public final class Provider implements Parcelable {
         try {
             main_url = new URL(in.readString());
             String definition_string = in.readString();
-            if (definition_string != null)
+            if (!definition_string.isEmpty())
                 definition = new JSONObject((definition_string));
-        } catch (MalformedURLException e) {
-            e.printStackTrace();
-        } catch (JSONException e) {
+        } catch (MalformedURLException | JSONException e) {
             e.printStackTrace();
         }
     }
@@ -106,6 +106,8 @@ public final class Provider implements Parcelable {
         return main_url;
     }
 
+    protected String certificatePin() { return certificate_pin; }
+
     protected String getName() {
         // Should we pass the locale in, or query the system here?
         String lang = Locale.getDefault().getLanguage();
-- 
cgit v1.2.3