From 8e5ce3e312f03035314b6ab036c625f83a515fc7 Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Mon, 13 Dec 2021 10:11:52 +0100
Subject: add hexacab config testwise

---
 app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java')

diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
index 6c242e5a..dccb5678 100644
--- a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
+++ b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
@@ -105,7 +105,7 @@ public class ConfigHelper {
         try {
             cf = CertificateFactory.getInstance("X.509");
 
-            certificateString = certificateString.replaceFirst("-----BEGIN CERTIFICATE-----", "").replaceFirst("-----END CERTIFICATE-----", "").trim();
+            certificateString = certificateString.replaceAll("-----BEGIN CERTIFICATE-----", "").trim().replaceAll("-----END CERTIFICATE-----", "").trim();
             byte[] cert_bytes = Base64.decode(certificateString);
             InputStream caInput = new ByteArrayInputStream(cert_bytes);
             try {
-- 
cgit v1.2.3


From 8411cd82c0572e0e871c1cf93e0d4c05b35fb999 Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Thu, 16 Dec 2021 23:45:41 +0100
Subject: allow to parse and handle multiple certs in a pem file

---
 .../bitmaskclient/base/utils/ConfigHelper.java     | 32 ++++++++++++++--------
 1 file changed, 20 insertions(+), 12 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java')

diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
index dccb5678..0a81b9cb 100644
--- a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
+++ b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
@@ -20,6 +20,7 @@ import android.content.Context;
 import android.content.res.Resources;
 import android.os.Build;
 import android.os.Looper;
+import android.util.Log;
 
 import androidx.annotation.NonNull;
 import androidx.annotation.Nullable;
@@ -37,6 +38,7 @@ import java.security.KeyFactory;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
+import java.security.cert.Certificate;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
@@ -44,10 +46,13 @@ import java.security.cert.X509Certificate;
 import java.security.interfaces.RSAPrivateKey;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.PKCS8EncodedKeySpec;
+import java.util.ArrayList;
 import java.util.Calendar;
+import java.util.Collection;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
+import de.blinkt.openvpn.core.VpnStatus;
 import se.leap.bitmaskclient.BuildConfig;
 import se.leap.bitmaskclient.R;
 import se.leap.bitmaskclient.providersetup.ProviderAPI;
@@ -99,25 +104,28 @@ public class ConfigHelper {
         return ret;
     }
 
-    public static X509Certificate parseX509CertificateFromString(String certificateString) {
-        java.security.cert.Certificate certificate = null;
+    public static ArrayList<X509Certificate> parseX509CertificatesFromString(String certificateString) {
+        Collection<? extends Certificate> certificates;
         CertificateFactory cf;
         try {
             cf = CertificateFactory.getInstance("X.509");
 
             certificateString = certificateString.replaceAll("-----BEGIN CERTIFICATE-----", "").trim().replaceAll("-----END CERTIFICATE-----", "").trim();
-            byte[] cert_bytes = Base64.decode(certificateString);
-            InputStream caInput = new ByteArrayInputStream(cert_bytes);
-            try {
-                certificate = cf.generateCertificate(caInput);
-                System.out.println("ca=" + ((X509Certificate) certificate).getSubjectDN());
-            } finally {
-                caInput.close();
+            byte[] certBytes = Base64.decode(certificateString);
+            try (InputStream caInput = new ByteArrayInputStream(certBytes)) {
+                certificates = cf.generateCertificates(caInput);
+                if (certificates != null) {
+                    for (Certificate cert : certificates) {
+                        System.out.println("ca=" + ((X509Certificate) cert).getSubjectDN());
+                    }
+                    return (ArrayList<X509Certificate>) certificates;
+                }
             }
-        } catch (NullPointerException | CertificateException | IOException | IllegalArgumentException e) {
-            return null;
+        } catch (NullPointerException | CertificateException | IOException | IllegalArgumentException | ClassCastException e) {
+            e.printStackTrace();
         }
-        return (X509Certificate) certificate;
+
+        return null;
     }
 
     public static RSAPrivateKey parseRsaKeyFromString(String rsaKeyString) {
-- 
cgit v1.2.3


From d5e64c8c71f188df4e25715231179c979e8ab7a9 Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Fri, 17 Dec 2021 02:12:35 +0100
Subject: cleanup imports

---
 app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java | 2 --
 1 file changed, 2 deletions(-)

(limited to 'app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java')

diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
index 0a81b9cb..27943022 100644
--- a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
+++ b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
@@ -20,7 +20,6 @@ import android.content.Context;
 import android.content.res.Resources;
 import android.os.Build;
 import android.os.Looper;
-import android.util.Log;
 
 import androidx.annotation.NonNull;
 import androidx.annotation.Nullable;
@@ -52,7 +51,6 @@ import java.util.Collection;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
-import de.blinkt.openvpn.core.VpnStatus;
 import se.leap.bitmaskclient.BuildConfig;
 import se.leap.bitmaskclient.R;
 import se.leap.bitmaskclient.providersetup.ProviderAPI;
-- 
cgit v1.2.3