From c03a2997b1794ba7cb997d8e32384c45470a7d60 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Tue, 23 Jul 2024 22:38:56 +0200 Subject: add support for ed25519 private keys for VPN connection setup --- .../base/utils/PrivateKeyHelperTest.java | 39 ++++++++++++++++++++++ .../bitmaskclient/eip/VpnConfigGeneratorTest.java | 4 +-- .../providersetup/ProviderApiManagerTest.java | 6 ++-- .../providersetup/ProviderApiManagerV3Test.java | 9 ++--- .../leap/bitmaskclient/testutils/MockHelper.java | 25 +++----------- 5 files changed, 52 insertions(+), 31 deletions(-) create mode 100644 app/src/test/java/se/leap/bitmaskclient/base/utils/PrivateKeyHelperTest.java (limited to 'app/src/test/java/se') diff --git a/app/src/test/java/se/leap/bitmaskclient/base/utils/PrivateKeyHelperTest.java b/app/src/test/java/se/leap/bitmaskclient/base/utils/PrivateKeyHelperTest.java new file mode 100644 index 00000000..5ad9d2e7 --- /dev/null +++ b/app/src/test/java/se/leap/bitmaskclient/base/utils/PrivateKeyHelperTest.java @@ -0,0 +1,39 @@ +package se.leap.bitmaskclient.base.utils; + +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; + +import android.os.Build; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.robolectric.RobolectricTestRunner; +import org.robolectric.annotation.Config; + +import java.io.IOException; +import java.security.PrivateKey; +import java.security.interfaces.EdECPrivateKey; +import java.security.interfaces.RSAPrivateKey; + +import se.leap.bitmaskclient.testutils.TestSetupHelper; + +@RunWith(RobolectricTestRunner.class) +@Config(sdk = {Build.VERSION_CODES.P, Build.VERSION_CODES.O}) +public class PrivateKeyHelperTest { + + @Test + public void parsePrivateKeyFromString_testRSA() throws IOException { + String rsa_key = TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("private_rsa_key.pem")); + PrivateKey pk = PrivateKeyHelper.parsePrivateKeyFromString(rsa_key); + assertNotNull(pk); + assertTrue(pk instanceof RSAPrivateKey); + } + + @Test + public void parsePrivateKeyFromString_testEd25519() throws IOException { + String ed25519_key = TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("private_ed25519_key.pem")); + PrivateKey pk = PrivateKeyHelper.parsePrivateKeyFromString(ed25519_key); + assertNotNull(pk); + assertTrue(pk instanceof EdECPrivateKey); + } +} \ No newline at end of file diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java index 7581a395..547bb3df 100644 --- a/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/eip/VpnConfigGeneratorTest.java @@ -27,7 +27,7 @@ import de.blinkt.openvpn.core.connection.Obfs4Connection; import se.leap.bitmaskclient.base.models.ProviderObservable; import se.leap.bitmaskclient.base.utils.BuildConfigHelper; import se.leap.bitmaskclient.base.utils.PreferenceHelper; -import se.leap.bitmaskclient.base.utils.RSAHelper; +import se.leap.bitmaskclient.base.utils.PrivateKeyHelper; import se.leap.bitmaskclient.testutils.MockHelper; import se.leap.bitmaskclient.testutils.MockSharedPreferences; import se.leap.bitmaskclient.testutils.TestSetupHelper; @@ -1347,7 +1347,7 @@ public class VpnConfigGeneratorTest { context = MockHelper.mockContext(); ProviderObservable providerObservable = MockHelper.mockProviderObservable(TestSetupHelper.getConfiguredProvider()); - RSAHelper rsaHelper = MockHelper.mockRSAHelper(); + PrivateKeyHelper privateKeyHelper = MockHelper.mockPrivateKeyHelper(); sharedPreferences = new MockSharedPreferences(); preferenceHelper = new PreferenceHelper(new MockSharedPreferences()); when(context.getCacheDir()).thenReturn(new File("/data/data/se.leap.bitmask")); diff --git a/app/src/test/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerTest.java b/app/src/test/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerTest.java index 711d5487..2978edc7 100644 --- a/app/src/test/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerTest.java @@ -22,7 +22,7 @@ import static se.leap.bitmaskclient.testutils.MockHelper.mockClientGenerator; import static se.leap.bitmaskclient.testutils.MockHelper.mockContext; import static se.leap.bitmaskclient.testutils.MockHelper.mockPreferenceHelper; import static se.leap.bitmaskclient.testutils.MockHelper.mockProviderApiConnector; -import static se.leap.bitmaskclient.testutils.MockHelper.mockRSAHelper; +import static se.leap.bitmaskclient.testutils.MockHelper.mockPrivateKeyHelper; import static se.leap.bitmaskclient.testutils.MockHelper.mockResources; import static se.leap.bitmaskclient.testutils.MockHelper.mockResultReceiver; import static se.leap.bitmaskclient.testutils.TestSetupHelper.getConfiguredProvider; @@ -51,7 +51,7 @@ import se.leap.bitmaskclient.base.utils.BuildConfigHelper; import se.leap.bitmaskclient.base.utils.CertificateHelper; import se.leap.bitmaskclient.base.utils.HandlerProvider; import se.leap.bitmaskclient.base.utils.PreferenceHelper; -import se.leap.bitmaskclient.base.utils.RSAHelper; +import se.leap.bitmaskclient.base.utils.PrivateKeyHelper; import se.leap.bitmaskclient.testutils.MockSharedPreferences; import se.leap.bitmaskclient.tor.TorStatusObservable; @@ -221,7 +221,7 @@ public class ProviderApiManagerTest { sharedPreferences.edit().putBoolean(USE_BRIDGES, true).putBoolean(USE_SNOWFLAKE, true).commit(); PreferenceHelper preferenceHelper = mockPreferenceHelper(provider, sharedPreferences); CertificateHelper certHelper = mockCertificateHelper(" a5244308a1374709a9afce95e3ae47c1b44bc2398c0a70ccbf8b3a8a97f29494"); - RSAHelper rsaHelper = mockRSAHelper(); + PrivateKeyHelper privateKeyHelper = mockPrivateKeyHelper(); ProviderApiConnector mockedApiConnector = mockProviderApiConnector(NO_ERROR_API_V4); providerApiManager = new ProviderApiManager(mockResources, new ProviderApiManagerTest.TestProviderApiServiceCallback()); diff --git a/app/src/test/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerV3Test.java b/app/src/test/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerV3Test.java index a446bcfa..646d32d8 100644 --- a/app/src/test/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerV3Test.java +++ b/app/src/test/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerV3Test.java @@ -48,7 +48,7 @@ import static se.leap.bitmaskclient.testutils.MockHelper.mockClientGenerator; import static se.leap.bitmaskclient.testutils.MockHelper.mockContext; import static se.leap.bitmaskclient.testutils.MockHelper.mockPreferenceHelper; import static se.leap.bitmaskclient.testutils.MockHelper.mockProviderApiConnector; -import static se.leap.bitmaskclient.testutils.MockHelper.mockRSAHelper; +import static se.leap.bitmaskclient.testutils.MockHelper.mockPrivateKeyHelper; import static se.leap.bitmaskclient.testutils.MockHelper.mockResources; import static se.leap.bitmaskclient.testutils.MockHelper.mockResultReceiver; import static se.leap.bitmaskclient.testutils.TestSetupHelper.getConfiguredProvider; @@ -79,10 +79,7 @@ import se.leap.bitmaskclient.base.utils.BuildConfigHelper; import se.leap.bitmaskclient.base.utils.CertificateHelper; import se.leap.bitmaskclient.base.utils.HandlerProvider; import se.leap.bitmaskclient.base.utils.PreferenceHelper; -import se.leap.bitmaskclient.base.utils.RSAHelper; -import se.leap.bitmaskclient.providersetup.ProviderApiConnector; -import se.leap.bitmaskclient.providersetup.ProviderApiManagerBase; -import se.leap.bitmaskclient.providersetup.ProviderApiManagerV3; +import se.leap.bitmaskclient.base.utils.PrivateKeyHelper; import se.leap.bitmaskclient.testutils.MockSharedPreferences; import se.leap.bitmaskclient.tor.TorStatusObservable; @@ -608,7 +605,7 @@ public class ProviderApiManagerV3Test { Provider provider = getConfiguredProviderAPIv4(); PreferenceHelper preferenceHelper = mockPreferenceHelper(provider); CertificateHelper certHelper = mockCertificateHelper(" a5244308a1374709a9afce95e3ae47c1b44bc2398c0a70ccbf8b3a8a97f29494"); - RSAHelper rsaHelper = mockRSAHelper(); + PrivateKeyHelper privateKeyHelper = mockPrivateKeyHelper(); ProviderApiConnector mockedApiConnector = mockProviderApiConnector(ERROR_DNS_RESUOLUTION_TOR_FALLBACK); providerApiManager = new ProviderApiManagerV3(mockResources, mockClientGenerator(), new TestProviderApiServiceCallback()); diff --git a/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java b/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java index 1b94042e..5434e7bd 100644 --- a/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java +++ b/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java @@ -10,7 +10,6 @@ import static org.mockito.Mockito.doAnswer; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; import static org.powermock.api.mockito.PowerMockito.mockStatic; -import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_CONFIGURED; import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_EIP_DEFINITION; import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_MOTD; import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_MOTD_HASHES; @@ -21,7 +20,6 @@ import static se.leap.bitmaskclient.base.models.Constants.PROVIDER_VPN_CERTIFICA import static se.leap.bitmaskclient.base.utils.PreferenceHelper.getEipDefinitionFromPreferences; import android.content.Context; -import android.content.Intent; import android.content.SharedPreferences; import android.content.pm.PackageInfo; import android.content.pm.PackageManager; @@ -30,9 +28,6 @@ import android.os.Bundle; import android.os.Parcelable; import android.os.ResultReceiver; -import androidx.annotation.NonNull; -import androidx.annotation.Nullable; - import org.json.JSONException; import org.json.JSONObject; import org.mockito.Mockito; @@ -47,17 +42,9 @@ import java.math.BigInteger; import java.net.UnknownHostException; import java.security.interfaces.RSAPrivateKey; import java.util.ArrayList; -import java.util.Arrays; -import java.util.Base64; import java.util.HashMap; -import java.util.HashSet; import java.util.Iterator; -import java.util.List; -import java.util.Map; import java.util.Set; -import java.util.Vector; -import java.util.concurrent.TimeoutException; -import java.util.concurrent.atomic.AtomicBoolean; import okhttp3.OkHttpClient; import se.leap.bitmaskclient.R; @@ -65,16 +52,14 @@ import se.leap.bitmaskclient.base.models.Provider; import se.leap.bitmaskclient.base.models.ProviderObservable; import se.leap.bitmaskclient.base.utils.CertificateHelper; import se.leap.bitmaskclient.base.utils.FileHelper; -import se.leap.bitmaskclient.base.utils.InputStreamHelper; import se.leap.bitmaskclient.base.utils.BuildConfigHelper; import se.leap.bitmaskclient.base.utils.PreferenceHelper; -import se.leap.bitmaskclient.base.utils.RSAHelper; +import se.leap.bitmaskclient.base.utils.PrivateKeyHelper; import se.leap.bitmaskclient.providersetup.ProviderApiConnector; import se.leap.bitmaskclient.providersetup.connectivity.DnsResolver; import se.leap.bitmaskclient.providersetup.connectivity.OkHttpClientGenerator; import se.leap.bitmaskclient.testutils.BackendMockResponses.BackendMockProvider; import se.leap.bitmaskclient.testutils.matchers.BundleMatcher; -import se.leap.bitmaskclient.tor.TorStatusObservable; /** * Created by cyberta on 29.01.18. @@ -160,8 +145,8 @@ public class MockHelper { return new FileHelper(new MockFileHelper(mockedFile)); } - public static RSAHelper mockRSAHelper() { - return new RSAHelper(rsaKeyString -> new RSAPrivateKey() { + public static PrivateKeyHelper mockPrivateKeyHelper() { + return new PrivateKeyHelper(rsaKeyString -> new RSAPrivateKey() { @Override public BigInteger getPrivateExponent() { return BigInteger.TEN; @@ -237,7 +222,7 @@ public class MockHelper { PreferenceHelper preferenceHelper = new PreferenceHelper(sharedPreferences); sharedPreferences.edit(). - putString(PROVIDER_PRIVATE_KEY, providerFromPrefs.getPrivateKey()). + putString(PROVIDER_PRIVATE_KEY, providerFromPrefs.getPrivateKeyString()). putString(PROVIDER_VPN_CERTIFICATE, providerFromPrefs.getVpnCertificate()). putString(Provider.KEY, providerFromPrefs.getDefinitionString()). putString(Provider.CA_CERT_FINGERPRINT, providerFromPrefs.getCaCertFingerprint()). @@ -257,7 +242,7 @@ public class MockHelper { PreferenceHelper preferenceHelper = new PreferenceHelper(sharedPreferences); sharedPreferences.edit(). - putString(PROVIDER_PRIVATE_KEY, provider.getPrivateKey()). + putString(PROVIDER_PRIVATE_KEY, provider.getPrivateKeyString()). putString(PROVIDER_VPN_CERTIFICATE, provider.getVpnCertificate()). putString(Provider.KEY, provider.getDefinitionString()). putString(Provider.CA_CERT_FINGERPRINT, provider.getCaCertFingerprint()). -- cgit v1.2.3