From a2a38163202e53eea1328d7c20ec0e94b33f2fc6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Parm=C3=A9nides=20GV?=
Date: Thu, 10 Oct 2013 16:58:58 +0200
Subject: Refactored leapclient to bitmaskclient. I do not change the company (se.leap). All references within strings.xml point to "bitmask" instead of to "leap".
---
 src/se/leap/bitmaskclient/LeapHttpClient.java | 84 +++++++++++++++++++++++++++
 1 file changed, 84 insertions(+)
 create mode 100644 src/se/leap/bitmaskclient/LeapHttpClient.java
(limited to 'src/se/leap/bitmaskclient/LeapHttpClient.java')
diff --git a/src/se/leap/bitmaskclient/LeapHttpClient.java b/src/se/leap/bitmaskclient/LeapHttpClient.java
new file mode 100644
index 00000000..837da236
--- /dev/null
+++ b/src/se/leap/bitmaskclient/LeapHttpClient.java
@@ -0,0 +1,84 @@
+/**
+ * Copyright (c) 2013 LEAP Encryption Access Project and contributers
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+ package se.leap.bitmaskclient;
+
+import java.security.KeyStore;
+
+import org.apache.http.conn.ClientConnectionManager;
+import org.apache.http.conn.scheme.PlainSocketFactory;
+import org.apache.http.conn.scheme.Scheme;
+import org.apache.http.conn.scheme.SchemeRegistry;
+import org.apache.http.conn.ssl.SSLSocketFactory;
+import org.apache.http.impl.client.DefaultHttpClient;
+import org.apache.http.impl.conn.SingleClientConnManager;
+import android.content.Context;
+
+/**
+ * Implements an HTTP client, enabling LEAP Android app to manage its own runtime keystore or bypass default Android security measures.
+ *
+ * @author rafa
+ *
+ */
+public class LeapHttpClient extends DefaultHttpClient {
+ final Context context;
+
+ private static LeapHttpClient client;
+
+ /**
+ * If the class scope client is null, it creates one and imports, if existing, the main certificate from Shared Preferences.
+ * @param context
+ * @return the new client.
+ */
+ public static LeapHttpClient getInstance(Context context) {
+ if(client == null) {
+ client = new LeapHttpClient(context);
+ String cert_string = ConfigHelper.getStringFromSharedPref(Provider.CA_CERT);
+ if(cert_string != null) {
+ ConfigHelper.addTrustedCertificate("provider_ca_certificate", cert_string);
+ }
+ }
+ return client;
+ }
+
+ @Override
+ protected ClientConnectionManager createClientConnectionManager() {
+ SchemeRegistry registry = new SchemeRegistry();
+ registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
+ registry.register(new Scheme("https", newSslSocketFactory(), 443));
+
+ return new SingleClientConnManager(getParams(), registry);
+ }
+
+ /**
+ * Uses keystore from ConfigHelper for the SSLSocketFactory.
+ * @return
+ */
+ private SSLSocketFactory newSslSocketFactory() {
+ try {
+ KeyStore trusted = ConfigHelper.getKeystore();
+ SSLSocketFactory sf = new SSLSocketFactory(trusted);
+
+ return sf;
+ } catch (Exception e) {
+ throw new AssertionError(e);
+ }
+ }
+
+ public LeapHttpClient(Context context) {
+ this.context = context;
+ }
+}
-- cgit v1.2.3
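Review bot: In createClientConnectionManager the registry also registers a plain `http` scheme on port 80, so any http:// URL handed to this client is sent without TLS and never goes through the keystore-backed SSLSocketFactory built in newSslSocketFactory. If every provider endpoint is HTTPS (not visible in this file), I would drop `registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));` so that such a request fails instead of leaving in clear text. Separately, getInstance does an unsynchronized check-then-create on the static `client`, and the CA certificate is imported only on that first call; declaring it `public static synchronized LeapHttpClient getInstance(Context context)` closes the race. The class Javadoc's "bypass default Android security measures" should state precisely what is replaced, presumably the trust anchors returned by ConfigHelper.getKeystore(), and whether hostname verification is left at its default.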