From a8274e8b2649481f22bfc6d205d2ca7599fea065 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 26 Feb 2013 18:27:01 +0100 Subject: Resolved issue: Change bitmask eip-service.json url from api/1 to api:4430 (Support #1759) --- assets/urls/bitmask.url | 2 +- res/raw/leapkeystore.bks | Bin 1487 -> 2871 bytes 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/assets/urls/bitmask.url b/assets/urls/bitmask.url index f83ead8..910f040 100644 --- a/assets/urls/bitmask.url +++ b/assets/urls/bitmask.url @@ -3,5 +3,5 @@ "assets_json_provider" : "providers/bitmask.net_provider.json", "json_provider" : "https://bitmask.net/provider.json", "cert" : "https://bitmask.net/ca.crt", - "json_eip_service" : "https://api.bitmask.net/1/config/eip-service.json" + "json_eip_service" : "https://api.bitmask.net:4430/1/config/eip-service.json" } \ No newline at end of file diff --git a/res/raw/leapkeystore.bks b/res/raw/leapkeystore.bks index 2e853ac..a6eaf30 100644 Binary files a/res/raw/leapkeystore.bks and b/res/raw/leapkeystore.bks differ -- cgit v1.2.3 From 929fa9a3b7621e0a956ed8d7beffb87ed7f16249 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 13 Mar 2013 21:01:53 +0100 Subject: ConfigurationWizard sets provider.json correctly for Dashboard once a custom provider is selected. Tested using https://bitmask.net as url for custom provider. --- src/se/leap/leapclient/ConfigHelper.java | 15 +++++++++++--- src/se/leap/leapclient/ConfigurationWizard.java | 26 +++++++++++++++---------- src/se/leap/leapclient/ProviderAPI.java | 8 ++++++++ src/se/leap/leapclient/ProviderListContent.java | 6 ++++-- 4 files changed, 40 insertions(+), 15 deletions(-) diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index 5301209..f5800a0 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -17,6 +17,8 @@ import android.os.Environment; import android.util.Log; public class ConfigHelper { + + public static SharedPreferences shared_preferences; final static String downloadJsonFilesBundleExtra = "downloadJSONFiles"; final static String downloadNewProviderDotJSON = "downloadNewProviderDotJSON"; @@ -28,11 +30,13 @@ public class ConfigHelper { public static String provider_key_url = "provider_main_url"; final public static String eip_service_api_path = "/config/eip-service.json"; - final public static int CUSTOM_PROVIDER_ADDED = 0; + final public static int CUSTOM_PROVIDER_ADDED = 0; + final public static int CORRECTLY_DOWNLOADED_JSON_FILES = 1; + final public static int INCORRECTLY_DOWNLOADED_JSON_FILES = 2; static void saveSharedPref(String shared_preferences_key, JSONObject content) { - SharedPreferences.Editor shared_preferences_editor = ConfigurationWizard.shared_preferences + SharedPreferences.Editor shared_preferences_editor = shared_preferences .edit(); shared_preferences_editor.putString(shared_preferences_key, content.toString()); @@ -40,7 +44,7 @@ public class ConfigHelper { System.out.println("Shared preferences updated: key = " + shared_preferences_key + " Content = " - + ConfigurationWizard.shared_preferences.getString( + + shared_preferences.getString( shared_preferences_key, "Default")); } @@ -81,4 +85,9 @@ public class ConfigHelper { } return input_stream; } + + public static void setSharedPreferences( + SharedPreferences shared_preferences) { + ConfigHelper.shared_preferences = shared_preferences; + } } diff --git a/src/se/leap/leapclient/ConfigurationWizard.java b/src/se/leap/leapclient/ConfigurationWizard.java index e252fa6..dcefb27 100644 --- a/src/se/leap/leapclient/ConfigurationWizard.java +++ b/src/se/leap/leapclient/ConfigurationWizard.java @@ -59,7 +59,7 @@ public class ConfigurationWizard extends Activity setContentView(R.layout.activity_configuration_wizard); - shared_preferences = getSharedPreferences(ConfigHelper.PREFERENCES_KEY,MODE_PRIVATE); + ConfigHelper.setSharedPreferences(getSharedPreferences(ConfigHelper.PREFERENCES_KEY,MODE_PRIVATE)); loadPreseededProviders(); @@ -118,10 +118,9 @@ public class ConfigurationWizard extends Activity if(current_provider_item.id.equalsIgnoreCase(id)) { try { - if(!current_provider_item.custom) - processAssetsFiles(current_provider_item); - // TODO ask Provider class to save provider.json, setResult(OK), finish() to ConfigurationWizard - downloadJSONFiles(current_provider_item); + saveProviderJson(current_provider_item); + downloadJSONFiles(current_provider_item); + } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); @@ -136,11 +135,15 @@ public class ConfigurationWizard extends Activity } } - private void processAssetsFiles(ProviderItem current_provider_item) { + private void saveProviderJson(ProviderItem current_provider_item) { AssetManager assets_manager = getAssets(); JSONObject provider_json = new JSONObject(); try { - String provider_contents = new Scanner(new InputStreamReader(assets_manager.open(current_provider_item.provider_json_assets))).useDelimiter("\\A").next(); + String provider_contents = ""; + if(!current_provider_item.custom) + provider_contents = new Scanner(new InputStreamReader(assets_manager.open(current_provider_item.provider_json_filename))).useDelimiter("\\A").next(); + else + provider_contents = new Scanner(ConfigHelper.openFileInputStream(current_provider_item.provider_json_filename)).useDelimiter("\\A").next(); provider_json = new JSONObject(provider_contents); } catch (IOException e) { // TODO Auto-generated catch block @@ -152,16 +155,20 @@ public class ConfigurationWizard extends Activity } private void downloadJSONFiles(ProviderItem current_provider_item) throws IOException { + providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); + providerAPI_result_receiver.setReceiver(this); + Intent provider_API_command = new Intent(this, ProviderAPI.class); Bundle method_and_parameters = new Bundle(); + + method_and_parameters.putString(ConfigHelper.provider_key, current_provider_item.name); method_and_parameters.putString(ConfigHelper.cert_key, current_provider_item.cert_json_url); method_and_parameters.putString(ConfigHelper.eip_service_key, current_provider_item.eip_service_json_url); provider_API_command.putExtra(ConfigHelper.downloadJsonFilesBundleExtra, method_and_parameters); - + provider_API_command.putExtra("receiver", providerAPI_result_receiver); startService(provider_API_command); - } public void addNewProvider(View view) { @@ -193,7 +200,6 @@ public class ConfigurationWizard extends Activity @Override public void onReceiveResult(int resultCode, Bundle resultData) { - // TODO Auto-generated method stub if(resultCode == ConfigHelper.CUSTOM_PROVIDER_ADDED){ ProviderListFragment providerList = new ProviderListFragment(); diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java index 583eea0..1dc7c9f 100644 --- a/src/se/leap/leapclient/ProviderAPI.java +++ b/src/se/leap/leapclient/ProviderAPI.java @@ -32,21 +32,28 @@ public class ProviderAPI extends IntentService { Bundle task; System.out.println("onHandleIntent called"); if((task = task_for.getBundleExtra(ConfigHelper.downloadJsonFilesBundleExtra)) != null) { + String provider_name = (String) task.get(ConfigHelper.provider_key); String cert_url = (String) task.get(ConfigHelper.cert_key); String eip_service_json_url = (String) task.get(ConfigHelper.eip_service_key); try { + JSONObject provider_json = new JSONObject("{ \"provider\" : \"" + provider_name + "\"}"); + ConfigHelper.saveSharedPref(ConfigHelper.provider_key, provider_json); String cert_string = getStringFromProvider(cert_url); JSONObject cert_json = new JSONObject("{ \"certificate\" : \"" + cert_string + "\"}"); ConfigHelper.saveSharedPref(ConfigHelper.cert_key, cert_json); JSONObject eip_service_json = getJSONFromProvider(eip_service_json_url); ConfigHelper.saveSharedPref(ConfigHelper.eip_service_key, eip_service_json); + receiver.send(ConfigHelper.CORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); + receiver.send(ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); } catch (JSONException e) { ConfigHelper.rescueJSONException(e); + receiver.send(ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); } catch(Exception e) { e.printStackTrace(); + receiver.send(ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); } } else if ((task = task_for.getBundleExtra(ConfigHelper.downloadNewProviderDotJSON)) != null) { @@ -58,6 +65,7 @@ public class ProviderAPI extends IntentService { JSONObject provider_json = getJSONFromProvider(provider_json_url); String filename = provider_name + "_provider.json".replaceFirst("__", "_"); ConfigHelper.saveFile(filename, provider_json.toString()); + ProviderListContent.addItem(new ProviderItem(provider_name, ConfigHelper.openFileInputStream(filename), custom)); receiver.send(ConfigHelper.CUSTOM_PROVIDER_ADDED, Bundle.EMPTY); } catch (IOException e) { diff --git a/src/se/leap/leapclient/ProviderListContent.java b/src/se/leap/leapclient/ProviderListContent.java index d475d36..dd227bf 100644 --- a/src/se/leap/leapclient/ProviderListContent.java +++ b/src/se/leap/leapclient/ProviderListContent.java @@ -41,7 +41,7 @@ public class ProviderListContent { public String id; public String name; public String provider_json_url; - public String provider_json_assets; + public String provider_json_filename; public String eip_service_json_url; public String cert_json_url; @@ -63,7 +63,7 @@ public class ProviderListContent { id = name; this.name = name; provider_json_url = (String) file_contents.get("json_provider"); - provider_json_assets = (String) file_contents.get("assets_json_provider"); + provider_json_filename = (String) file_contents.get("assets_json_provider"); eip_service_json_url = (String) file_contents.get("json_eip_service"); cert_json_url = (String) file_contents.get("cert"); this.custom = custom; @@ -88,6 +88,8 @@ public class ProviderListContent { eip_service_json_url = (String) file_contents.get("api_uri") + ConfigHelper.eip_service_api_path; cert_json_url = (String) file_contents.get("ca_cert_uri"); this.custom = custom; + if(custom) + provider_json_filename = name + "_provider.json".replaceFirst("__", "_"); } catch (JSONException e) { // TODO Auto-generated catch block e.printStackTrace(); -- cgit v1.2.3 From 203c8caca5a305b90fd0e69c965e503afe979354 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Thu, 14 Mar 2013 19:53:31 +0100 Subject: After downloading provider.json successfully, ConfigurationWizard now can download eip-service.json and ca.crt without having the latter as a predefined trusted certificate. It does not ask anything about trusting the new certificate as far as selecting a custom provider means that the user trusts that url. Next step: make provider.json also downloadable from https address using ca.cert not trusted. --- src/se/leap/leapclient/ConfigHelper.java | 70 +++++++++++++++++++++++++ src/se/leap/leapclient/ConfigurationWizard.java | 6 +++ src/se/leap/leapclient/LeapHttpClient.java | 15 ++---- src/se/leap/leapclient/ProviderAPI.java | 13 +++-- 4 files changed, 90 insertions(+), 14 deletions(-) diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index f5800a0..b652669 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -8,6 +8,12 @@ import java.io.FileNotFoundException; import java.io.FileWriter; import java.io.IOException; import java.io.InputStream; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; import org.json.JSONException; import org.json.JSONObject; @@ -19,6 +25,7 @@ import android.util.Log; public class ConfigHelper { public static SharedPreferences shared_preferences; + private static KeyStore keystore_trusted; final static String downloadJsonFilesBundleExtra = "downloadJSONFiles"; final static String downloadNewProviderDotJSON = "downloadNewProviderDotJSON"; @@ -90,4 +97,67 @@ public class ConfigHelper { SharedPreferences shared_preferences) { ConfigHelper.shared_preferences = shared_preferences; } + + public static void addTrustedCertificate(String provider, InputStream inputStream) { + CertificateFactory cf; + try { + cf = CertificateFactory.getInstance("X.509"); + X509Certificate cert = + (X509Certificate)cf.generateCertificate(inputStream); + keystore_trusted.setCertificateEntry("provider", cert); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + public static void addTrustedCertificate(String provider, String certificate) { + String filename_to_save = provider + "_certificate.cer"; + saveFile(filename_to_save, certificate); + CertificateFactory cf; + try { + cf = CertificateFactory.getInstance("X.509"); + X509Certificate cert = + (X509Certificate)cf.generateCertificate(openFileInputStream(filename_to_save)); + keystore_trusted.setCertificateEntry("provider", cert); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + public static KeyStore getKeystore() { + return keystore_trusted; + } + + public static void getNewKeystore(InputStream leap_keystore) { + try { + keystore_trusted = KeyStore.getInstance("BKS"); + try { + // Initialize the keystore with the provided trusted certificates + // Also provide the password of the keystore + keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); + } finally { + leap_keystore.close(); + } + } catch (KeyStoreException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (NoSuchAlgorithmException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (CertificateException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } } diff --git a/src/se/leap/leapclient/ConfigurationWizard.java b/src/se/leap/leapclient/ConfigurationWizard.java index dcefb27..69e13f1 100644 --- a/src/se/leap/leapclient/ConfigurationWizard.java +++ b/src/se/leap/leapclient/ConfigurationWizard.java @@ -1,6 +1,7 @@ package se.leap.leapclient; import java.io.IOException; +import java.io.InputStream; import java.io.InputStreamReader; import java.util.Iterator; import java.util.Scanner; @@ -63,6 +64,11 @@ public class ConfigurationWizard extends Activity loadPreseededProviders(); + if(ConfigHelper.getKeystore() == null) { + InputStream keystore_input_stream = getResources().openRawResource(R.raw.leapkeystore); + ConfigHelper.getNewKeystore(keystore_input_stream); + } + // Only create our fragments if we're not restoring a saved instance if ( savedInstanceState == null ){ // TODO Some welcome screen? diff --git a/src/se/leap/leapclient/LeapHttpClient.java b/src/se/leap/leapclient/LeapHttpClient.java index 9e1a541..9ee0a95 100644 --- a/src/se/leap/leapclient/LeapHttpClient.java +++ b/src/se/leap/leapclient/LeapHttpClient.java @@ -33,23 +33,16 @@ public class LeapHttpClient extends DefaultHttpClient { private SSLSocketFactory newSslSocketFactory() { try { // Get an instance of the Bouncy Castle KeyStore format - KeyStore trusted = KeyStore.getInstance("BKS"); - // Get the raw resource, which contains the keystore with - // your trusted certificates (root and any intermediate certs) - InputStream in = context.getResources().openRawResource(R.raw.leapkeystore); - try { - // Initialize the keystore with the provided trusted certificates - // Also provide the password of the keystore - trusted.load(in, "uer92jf".toCharArray()); - } finally { - in.close(); - } + KeyStore trusted = ConfigHelper.getKeystore(); + // Pass the keystore to the SSLSocketFactory. The factory is responsible // for the verification of the server certificate. SSLSocketFactory sf = new SSLSocketFactory(trusted); + // Hostname verification from certificate // http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html#d4e506 sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); + return sf; } catch (Exception e) { throw new AssertionError(e); diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java index 1dc7c9f..01cbd01 100644 --- a/src/se/leap/leapclient/ProviderAPI.java +++ b/src/se/leap/leapclient/ProviderAPI.java @@ -1,6 +1,9 @@ package se.leap.leapclient; import java.io.IOException; +import java.net.URL; +import java.security.Provider; +import java.security.Security; import java.util.Scanner; import org.apache.http.HttpEntity; @@ -38,14 +41,18 @@ public class ProviderAPI extends IntentService { try { JSONObject provider_json = new JSONObject("{ \"provider\" : \"" + provider_name + "\"}"); ConfigHelper.saveSharedPref(ConfigHelper.provider_key, provider_json); - String cert_string = getStringFromProvider(cert_url); + + /*String cert_string = getStringFromProvider(cert_url); JSONObject cert_json = new JSONObject("{ \"certificate\" : \"" + cert_string + "\"}"); ConfigHelper.saveSharedPref(ConfigHelper.cert_key, cert_json); + ConfigHelper.addTrustedCertificate(provider_name, cert_string);*/ + URL cacert = new URL(cert_url); + ConfigHelper.addTrustedCertificate(provider_name, cacert.openStream()); JSONObject eip_service_json = getJSONFromProvider(eip_service_json_url); ConfigHelper.saveSharedPref(ConfigHelper.eip_service_key, eip_service_json); receiver.send(ConfigHelper.CORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); } catch (IOException e) { - // TODO Auto-generated catch block + // TODO It could happen that an https site used a certificate not trusted. e.printStackTrace(); receiver.send(ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); } catch (JSONException e) { @@ -69,7 +76,7 @@ public class ProviderAPI extends IntentService { ProviderListContent.addItem(new ProviderItem(provider_name, ConfigHelper.openFileInputStream(filename), custom)); receiver.send(ConfigHelper.CUSTOM_PROVIDER_ADDED, Bundle.EMPTY); } catch (IOException e) { - // TODO Auto-generated catch block + // TODO It could happen that an https site used a certificate not trusted. e.printStackTrace(); } catch (JSONException e) { // TODO Auto-generated catch block -- cgit v1.2.3 From f4f454d53b881563d82f392545fb17ef9283c5e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 18 Mar 2013 11:13:54 +0100 Subject: If ca.crt from new provider is not trusted, we can download it without problems assuming user wanted to trust it since s/he entered by him/herself the URL. Next step: refactor a bit, to make code more beautiful. --- src/se/leap/leapclient/ConfigHelper.java | 3 ++- src/se/leap/leapclient/ProviderAPI.java | 29 +++++++++++++++++++++++------ 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index b652669..8a0e2b4 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -142,7 +142,8 @@ public class ConfigHelper { try { // Initialize the keystore with the provided trusted certificates // Also provide the password of the keystore - keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); + //keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); + keystore_trusted.load(null, null); } finally { leap_keystore.close(); } diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java index 01cbd01..db5301e 100644 --- a/src/se/leap/leapclient/ProviderAPI.java +++ b/src/se/leap/leapclient/ProviderAPI.java @@ -1,6 +1,7 @@ package se.leap.leapclient; import java.io.IOException; +import java.net.MalformedURLException; import java.net.URL; import java.security.Provider; import java.security.Security; @@ -68,20 +69,36 @@ public class ProviderAPI extends IntentService { String provider_main_url = (String) task.get(ConfigHelper.provider_key_url); String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_"); String provider_json_url = guessURL(provider_main_url); + JSONObject provider_json = null; try { - JSONObject provider_json = getJSONFromProvider(provider_json_url); - String filename = provider_name + "_provider.json".replaceFirst("__", "_"); - ConfigHelper.saveFile(filename, provider_json.toString()); - - ProviderListContent.addItem(new ProviderItem(provider_name, ConfigHelper.openFileInputStream(filename), custom)); - receiver.send(ConfigHelper.CUSTOM_PROVIDER_ADDED, Bundle.EMPTY); + provider_json = getJSONFromProvider(provider_json_url); } catch (IOException e) { // TODO It could happen that an https site used a certificate not trusted. + try { + URL provider_url = new URL(provider_json_url); + String provider_json_string = new Scanner(provider_url.openStream()).useDelimiter("\\A").next(); + provider_json = new JSONObject(provider_json_string); + } catch (MalformedURLException e1) { + // TODO Auto-generated catch block + e1.printStackTrace(); + } catch (IOException e1) { + // TODO Auto-generated catch block + e1.printStackTrace(); + } catch (JSONException e1) { + // TODO Auto-generated catch block + e1.printStackTrace(); + } + e.printStackTrace(); } catch (JSONException e) { // TODO Auto-generated catch block e.printStackTrace(); } + String filename = provider_name + "_provider.json".replaceFirst("__", "_"); + ConfigHelper.saveFile(filename, provider_json.toString()); + + ProviderListContent.addItem(new ProviderItem(provider_name, ConfigHelper.openFileInputStream(filename), custom)); + receiver.send(ConfigHelper.CUSTOM_PROVIDER_ADDED, Bundle.EMPTY); } } -- cgit v1.2.3 From 1fcb255170a2be35eecc5645a7b1757101b844f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 18 Mar 2013 12:00:47 +0100 Subject: Refactored ProviderAPI code. ConfigurationWizard works without problem for both new and preseeded providers. I've added flow control for the activity to finish when all files have been downloaded, managing errors with setResult(RESULT_CANCELED). --- src/se/leap/leapclient/ConfigurationWizard.java | 14 +-- src/se/leap/leapclient/ProviderAPI.java | 135 ++++++++++++++---------- 2 files changed, 86 insertions(+), 63 deletions(-) diff --git a/src/se/leap/leapclient/ConfigurationWizard.java b/src/se/leap/leapclient/ConfigurationWizard.java index 69e13f1..90e74e5 100644 --- a/src/se/leap/leapclient/ConfigurationWizard.java +++ b/src/se/leap/leapclient/ConfigurationWizard.java @@ -126,18 +126,12 @@ public class ConfigurationWizard extends Activity try { saveProviderJson(current_provider_item); downloadJSONFiles(current_provider_item); - } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } } } - - // FIXME!! We're going to have more Fragments and listeners, flow control? - // TODO There is no testing done to know if we're okay... - setResult(RESULT_OK); - finish(); } } @@ -214,5 +208,13 @@ public class ConfigurationWizard extends Activity .replace(R.id.configuration_wizard_layout, providerList, "providerlist") .commit(); } + else if(resultCode == ConfigHelper.CORRECTLY_DOWNLOADED_JSON_FILES) { + setResult(RESULT_OK); + finish(); + } + else if(resultCode == ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES) { + setResult(RESULT_CANCELED); + finish(); + } } } diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java index db5301e..afbf1c0 100644 --- a/src/se/leap/leapclient/ProviderAPI.java +++ b/src/se/leap/leapclient/ProviderAPI.java @@ -34,72 +34,93 @@ public class ProviderAPI extends IntentService { protected void onHandleIntent(Intent task_for) { final ResultReceiver receiver = task_for.getParcelableExtra("receiver"); Bundle task; - System.out.println("onHandleIntent called"); if((task = task_for.getBundleExtra(ConfigHelper.downloadJsonFilesBundleExtra)) != null) { - String provider_name = (String) task.get(ConfigHelper.provider_key); - String cert_url = (String) task.get(ConfigHelper.cert_key); - String eip_service_json_url = (String) task.get(ConfigHelper.eip_service_key); - try { - JSONObject provider_json = new JSONObject("{ \"provider\" : \"" + provider_name + "\"}"); - ConfigHelper.saveSharedPref(ConfigHelper.provider_key, provider_json); - - /*String cert_string = getStringFromProvider(cert_url); - JSONObject cert_json = new JSONObject("{ \"certificate\" : \"" + cert_string + "\"}"); - ConfigHelper.saveSharedPref(ConfigHelper.cert_key, cert_json); - ConfigHelper.addTrustedCertificate(provider_name, cert_string);*/ - URL cacert = new URL(cert_url); - ConfigHelper.addTrustedCertificate(provider_name, cacert.openStream()); - JSONObject eip_service_json = getJSONFromProvider(eip_service_json_url); - ConfigHelper.saveSharedPref(ConfigHelper.eip_service_key, eip_service_json); + if(downloadJsonFilesBundleExtra(task)) receiver.send(ConfigHelper.CORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); - } catch (IOException e) { - // TODO It could happen that an https site used a certificate not trusted. - e.printStackTrace(); + else receiver.send(ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); - } catch (JSONException e) { - ConfigHelper.rescueJSONException(e); - receiver.send(ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); - } catch(Exception e) { - e.printStackTrace(); - receiver.send(ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); - } } else if ((task = task_for.getBundleExtra(ConfigHelper.downloadNewProviderDotJSON)) != null) { - boolean custom = true; - String provider_main_url = (String) task.get(ConfigHelper.provider_key_url); - String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_"); - String provider_json_url = guessURL(provider_main_url); - JSONObject provider_json = null; - try { - provider_json = getJSONFromProvider(provider_json_url); - } catch (IOException e) { - // TODO It could happen that an https site used a certificate not trusted. - try { - URL provider_url = new URL(provider_json_url); - String provider_json_string = new Scanner(provider_url.openStream()).useDelimiter("\\A").next(); - provider_json = new JSONObject(provider_json_string); - } catch (MalformedURLException e1) { - // TODO Auto-generated catch block - e1.printStackTrace(); - } catch (IOException e1) { - // TODO Auto-generated catch block - e1.printStackTrace(); - } catch (JSONException e1) { - // TODO Auto-generated catch block - e1.printStackTrace(); - } - - e.printStackTrace(); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } + if(downloadNewProviderDotJSON(task)) + receiver.send(ConfigHelper.CUSTOM_PROVIDER_ADDED, Bundle.EMPTY); + else + receiver.send(ConfigHelper.INCORRECTLY_DOWNLOADED_JSON_FILES, Bundle.EMPTY); + } + } + + private boolean downloadNewProviderDotJSON(Bundle task) { + boolean custom = true; + String provider_main_url = (String) task.get(ConfigHelper.provider_key_url); + String provider_name = provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("\\/", "_"); + String provider_json_url = guessURL(provider_main_url); + JSONObject provider_json = null; + try { + provider_json = getJSONFromProvider(provider_json_url); + } catch (IOException e) { + // It could happen that an https site used a certificate not trusted. + provider_json = downloadNewProviderDotJsonWithoutCert(provider_json_url); + } catch (JSONException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + return false; + } + + if(provider_json == null) { + return false; + } else { String filename = provider_name + "_provider.json".replaceFirst("__", "_"); ConfigHelper.saveFile(filename, provider_json.toString()); + + ProviderListContent.addItem(new ProviderItem(provider_name, ConfigHelper.openFileInputStream(filename), custom)); + return true; + } + } + + private boolean downloadJsonFilesBundleExtra(Bundle task) { + String provider_name = (String) task.get(ConfigHelper.provider_key); + String cert_url = (String) task.get(ConfigHelper.cert_key); + String eip_service_json_url = (String) task.get(ConfigHelper.eip_service_key); + try { + //JSONObject provider_json = new JSONObject("{ \"provider\" : \"" + provider_name + "\"}"); + //ConfigHelper.saveSharedPref(ConfigHelper.provider_key, provider_json); - ProviderListContent.addItem(new ProviderItem(provider_name, ConfigHelper.openFileInputStream(filename), custom)); - receiver.send(ConfigHelper.CUSTOM_PROVIDER_ADDED, Bundle.EMPTY); + /*String cert_string = getStringFromProvider(cert_url); + JSONObject cert_json = new JSONObject("{ \"certificate\" : \"" + cert_string + "\"}"); + ConfigHelper.saveSharedPref(ConfigHelper.cert_key, cert_json); + ConfigHelper.addTrustedCertificate(provider_name, cert_string);*/ + URL cacert = new URL(cert_url); + ConfigHelper.addTrustedCertificate(provider_name, cacert.openStream()); + JSONObject eip_service_json = getJSONFromProvider(eip_service_json_url); + ConfigHelper.saveSharedPref(ConfigHelper.eip_service_key, eip_service_json); + return true; + } catch (IOException e) { + // It could happen that an https site used a certificate not trusted: solved above using URL + e.printStackTrace(); + return false; + } catch (JSONException e) { + ConfigHelper.rescueJSONException(e); + return false; + } catch(Exception e) { + e.printStackTrace(); + return false; + } + } + + private JSONObject downloadNewProviderDotJsonWithoutCert( + String provider_json_url) { + JSONObject provider_json = null; + try { + URL provider_url = new URL(provider_json_url); + String provider_json_string = new Scanner(provider_url.openStream()).useDelimiter("\\A").next(); + provider_json = new JSONObject(provider_json_string); + } catch (MalformedURLException e1) { + e1.printStackTrace(); + } catch (IOException e1) { + e1.printStackTrace(); + } catch (JSONException e1) { + e1.printStackTrace(); } + return provider_json; } private String guessURL(String provider_main_url) { -- cgit v1.2.3 From e99b19c279abddc1cfb30a12b48f37a8e37a82a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Mon, 18 Mar 2013 12:11:16 +0100 Subject: Loads bks file from assets. --- src/se/leap/leapclient/ConfigHelper.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index 8a0e2b4..5d89e49 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -142,8 +142,8 @@ public class ConfigHelper { try { // Initialize the keystore with the provided trusted certificates // Also provide the password of the keystore - //keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); - keystore_trusted.load(null, null); + keystore_trusted.load(leap_keystore, "uer92jf".toCharArray()); + //keystore_trusted.load(null, null); } finally { leap_keystore.close(); } -- cgit v1.2.3 From 0e67b3335dac82e41400a2161df43419fe2a736b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 19 Mar 2013 16:59:08 +0100 Subject: Included libs folder with bouncycastle inside it. --- .gitignore | 1 - libs/bcprov-ext-jdk15on-147.jar | Bin 0 -> 2070477 bytes 2 files changed, 1 deletion(-) create mode 100644 libs/bcprov-ext-jdk15on-147.jar diff --git a/.gitignore b/.gitignore index 0ceda54..bcf61e1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,5 @@ obj bin -libs gen openvpn/.git openvpn/autom4te.cache diff --git a/libs/bcprov-ext-jdk15on-147.jar b/libs/bcprov-ext-jdk15on-147.jar new file mode 100644 index 0000000..22a06b7 Binary files /dev/null and b/libs/bcprov-ext-jdk15on-147.jar differ -- cgit v1.2.3 From b48c3f63bfbdb0c01950cbd47c41a560afaf4fe2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Tue, 19 Mar 2013 17:39:53 +0100 Subject: The new certificate added by ConfigHelper.addTrustedCertificate did not used the provider alias, but a predefined (I forgot removing quotes from argument) string. --- src/se/leap/leapclient/ConfigHelper.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index 5d89e49..35aec88 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -104,7 +104,7 @@ public class ConfigHelper { cf = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate)cf.generateCertificate(inputStream); - keystore_trusted.setCertificateEntry("provider", cert); + keystore_trusted.setCertificateEntry(provider, cert); } catch (CertificateException e) { // TODO Auto-generated catch block e.printStackTrace(); -- cgit v1.2.3 From 5f66e5765f52aab1907939018e40578e939dbc5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 20 Mar 2013 17:35:39 +0100 Subject: Ready to use with Android JellyBean (api 16) --- .classpath | 2 +- libs/bcprov-ext-jdk15on-146.jar | Bin 0 -> 1825975 bytes libs/bcprov-ext-jdk15on-147.jar | Bin 2070477 -> 0 bytes project.properties | 2 +- res/raw/leapkeystore.bks | Bin 2871 -> 1437 bytes res/raw/leapkeystore_bc147.bks | Bin 0 -> 2871 bytes src/se/leap/leapclient/ConfigHelper.java | 2 +- src/se/leap/leapclient/NewProviderDialog.java | 2 -- 8 files changed, 3 insertions(+), 5 deletions(-) create mode 100644 libs/bcprov-ext-jdk15on-146.jar delete mode 100644 libs/bcprov-ext-jdk15on-147.jar create mode 100644 res/raw/leapkeystore_bc147.bks diff --git a/.classpath b/.classpath index 177f415..e449cbf 100644 --- a/.classpath +++ b/.classpath @@ -2,7 +2,7 @@ - + diff --git a/libs/bcprov-ext-jdk15on-146.jar b/libs/bcprov-ext-jdk15on-146.jar new file mode 100644 index 0000000..7d8a22e Binary files /dev/null and b/libs/bcprov-ext-jdk15on-146.jar differ diff --git a/libs/bcprov-ext-jdk15on-147.jar b/libs/bcprov-ext-jdk15on-147.jar deleted file mode 100644 index 22a06b7..0000000 Binary files a/libs/bcprov-ext-jdk15on-147.jar and /dev/null differ diff --git a/project.properties b/project.properties index c4f09d2..895c9ce 100644 --- a/project.properties +++ b/project.properties @@ -8,4 +8,4 @@ # project structure. # Project target. -target=android-17 +target=android-16 diff --git a/res/raw/leapkeystore.bks b/res/raw/leapkeystore.bks index a6eaf30..b972172 100644 Binary files a/res/raw/leapkeystore.bks and b/res/raw/leapkeystore.bks differ diff --git a/res/raw/leapkeystore_bc147.bks b/res/raw/leapkeystore_bc147.bks new file mode 100644 index 0000000..a6eaf30 Binary files /dev/null and b/res/raw/leapkeystore_bc147.bks differ diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index 35aec88..c2f6c41 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -122,7 +122,7 @@ public class ConfigHelper { cf = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate)cf.generateCertificate(openFileInputStream(filename_to_save)); - keystore_trusted.setCertificateEntry("provider", cert); + keystore_trusted.setCertificateEntry(provider, cert); } catch (CertificateException e) { // TODO Auto-generated catch block e.printStackTrace(); diff --git a/src/se/leap/leapclient/NewProviderDialog.java b/src/se/leap/leapclient/NewProviderDialog.java index 09e7453..5245348 100644 --- a/src/se/leap/leapclient/NewProviderDialog.java +++ b/src/se/leap/leapclient/NewProviderDialog.java @@ -8,8 +8,6 @@ import android.content.DialogInterface; import android.os.Bundle; import android.view.LayoutInflater; import android.view.View; -import android.view.ViewGroup; -import android.webkit.WebView.FindListener; import android.widget.EditText; import android.widget.Toast; -- cgit v1.2.3