From 929fa9a3b7621e0a956ed8d7beffb87ed7f16249 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 13 Mar 2013 21:01:53 +0100 Subject: ConfigurationWizard sets provider.json correctly for Dashboard once a custom provider is selected. Tested using https://bitmask.net as url for custom provider. --- src/se/leap/leapclient/ConfigHelper.java | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) (limited to 'src/se/leap/leapclient/ConfigHelper.java') diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index 5301209c..f5800a0e 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -17,6 +17,8 @@ import android.os.Environment; import android.util.Log; public class ConfigHelper { + + public static SharedPreferences shared_preferences; final static String downloadJsonFilesBundleExtra = "downloadJSONFiles"; final static String downloadNewProviderDotJSON = "downloadNewProviderDotJSON"; @@ -28,11 +30,13 @@ public class ConfigHelper { public static String provider_key_url = "provider_main_url"; final public static String eip_service_api_path = "/config/eip-service.json"; - final public static int CUSTOM_PROVIDER_ADDED = 0; + final public static int CUSTOM_PROVIDER_ADDED = 0; + final public static int CORRECTLY_DOWNLOADED_JSON_FILES = 1; + final public static int INCORRECTLY_DOWNLOADED_JSON_FILES = 2; static void saveSharedPref(String shared_preferences_key, JSONObject content) { - SharedPreferences.Editor shared_preferences_editor = ConfigurationWizard.shared_preferences + SharedPreferences.Editor shared_preferences_editor = shared_preferences .edit(); shared_preferences_editor.putString(shared_preferences_key, content.toString()); @@ -40,7 +44,7 @@ public class ConfigHelper { System.out.println("Shared preferences updated: key = " + shared_preferences_key + " Content = " - + ConfigurationWizard.shared_preferences.getString( + + shared_preferences.getString( shared_preferences_key, "Default")); } @@ -81,4 +85,9 @@ public class ConfigHelper { } return input_stream; } + + public static void setSharedPreferences( + SharedPreferences shared_preferences) { + ConfigHelper.shared_preferences = shared_preferences; + } } -- cgit v1.2.3 From 203c8caca5a305b90fd0e69c965e503afe979354 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Thu, 14 Mar 2013 19:53:31 +0100 Subject: After downloading provider.json successfully, ConfigurationWizard now can download eip-service.json and ca.crt without having the latter as a predefined trusted certificate. It does not ask anything about trusting the new certificate as far as selecting a custom provider means that the user trusts that url. Next step: make provider.json also downloadable from https address using ca.cert not trusted. --- src/se/leap/leapclient/ConfigHelper.java | 70 ++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) (limited to 'src/se/leap/leapclient/ConfigHelper.java') diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index f5800a0e..b6526691 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -8,6 +8,12 @@ import java.io.FileNotFoundException; import java.io.FileWriter; import java.io.IOException; import java.io.InputStream; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; import org.json.JSONException; import org.json.JSONObject; @@ -19,6 +25,7 @@ import android.util.Log; public class ConfigHelper { public static SharedPreferences shared_preferences; + private static KeyStore keystore_trusted; final static String downloadJsonFilesBundleExtra = "downloadJSONFiles"; final static String downloadNewProviderDotJSON = "downloadNewProviderDotJSON"; @@ -90,4 +97,67 @@ public class ConfigHelper { SharedPreferences shared_preferences) { ConfigHelper.shared_preferences = shared_preferences; } + + public static void addTrustedCertificate(String provider, InputStream inputStream) { + CertificateFactory cf; + try { + cf = CertificateFactory.getInstance("X.509"); + X509Certificate cert = + (X509Certificate)cf.generateCertificate(inputStream); + keystore_trusted.setCertificateEntry("provider", cert); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + public static void addTrustedCertificate(String provider, String certificate) { + String filename_to_save = provider + "_certificate.cer"; + saveFile(filename_to_save, certificate); + CertificateFactory cf; + try { + cf = CertificateFactory.getInstance("X.509"); + X509Certificate cert = + (X509Certificate)cf.generateCertificate(openFileInputStream(filename_to_save)); + keystore_trusted.setCertificateEntry("provider", cert); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + public static KeyStore getKeystore() { + return keystore_trusted; + } + + public static void getNewKeystore(InputStream leap_keystore) { + try { + keystore_trusted = KeyStore.getInstance("BKS"); + try { + // Initialize the keystore with the provided trusted certificates + // Also provide the password of the keystore + keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); + } finally { + leap_keystore.close(); + } + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (NoSuchAlgorithmException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } } -- cgit v1.2.3 From f4f454d53b881563d82f392545fb17ef9283c5e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 18 Mar 2013 11:13:54 +0100 Subject: If ca.crt from new provider is not trusted, we can download it without problems assuming user wanted to trust it since s/he entered by him/herself the URL. Next step: refactor a bit, to make code more beautiful. --- src/se/leap/leapclient/ConfigHelper.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/se/leap/leapclient/ConfigHelper.java') diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index b6526691..8a0e2b45 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -142,7 +142,8 @@ public class ConfigHelper { try { // Initialize the keystore with the provided trusted certificates // Also provide the password of the keystore - keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); + //keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); + keystore_trusted.load(null, null); } finally { leap_keystore.close(); } -- cgit v1.2.3 From e99b19c279abddc1cfb30a12b48f37a8e37a82a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 18 Mar 2013 12:11:16 +0100 Subject: Loads bks file from assets. --- src/se/leap/leapclient/ConfigHelper.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/se/leap/leapclient/ConfigHelper.java') diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index 8a0e2b45..5d89e491 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -142,8 +142,8 @@ public class ConfigHelper { try { // Initialize the keystore with the provided trusted certificates // Also provide the password of the keystore - //keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); - keystore_trusted.load(null, null); + keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); + //keystore_trusted.load(null, null); } finally { leap_keystore.close(); } -- cgit v1.2.3 From b48c3f63bfbdb0c01950cbd47c41a560afaf4fe2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 19 Mar 2013 17:39:53 +0100 Subject: The new certificate added by ConfigHelper.addTrustedCertificate did not used the provider alias, but a predefined (I forgot removing quotes from argument) string. --- src/se/leap/leapclient/ConfigHelper.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/se/leap/leapclient/ConfigHelper.java') diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index 5d89e491..35aec885 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -104,7 +104,7 @@ public class ConfigHelper { cf = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate)cf.generateCertificate(inputStream); - keystore_trusted.setCertificateEntry("provider", cert); + keystore_trusted.setCertificateEntry(provider, cert); } catch (CertificateException e) { // TODO Auto-generated catch block e.printStackTrace(); -- cgit v1.2.3 From 5f66e5765f52aab1907939018e40578e939dbc5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 20 Mar 2013 17:35:39 +0100 Subject: Ready to use with Android JellyBean (api 16) --- src/se/leap/leapclient/ConfigHelper.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/se/leap/leapclient/ConfigHelper.java') diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index 35aec885..c2f6c413 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -122,7 +122,7 @@ public class ConfigHelper { cf = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate)cf.generateCertificate(openFileInputStream(filename_to_save)); - keystore_trusted.setCertificateEntry("provider", cert); + keystore_trusted.setCertificateEntry(provider, cert); } catch (CertificateException e) { // TODO Auto-generated catch block e.printStackTrace(); -- cgit v1.2.3