summaryrefslogtreecommitdiff
path: root/src/se/leap/leapclient/LeapHttpClient.java
blob: 42f9a5235604791496041091596d0624d52de84d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
package se.leap.leapclient;

import java.security.KeyStore;

import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.SingleClientConnManager;
import android.content.Context;

/**
 * Implements an HTTP client, enabling LEAP Android app to manage its own runtime keystore or bypass default Android security measures.
 * 
 * @author rafa
 *
 */
public class LeapHttpClient extends DefaultHttpClient {
	final Context context;

	private static LeapHttpClient client;

	/**
	 * If the class scope client is null, it creates one and imports, if existing, the main certificate from Shared Preferences. 
	 * @param context
	 * @return the new client.
	 */
	public static LeapHttpClient getInstance(Context context) {
		if(client == null) {
			client = new LeapHttpClient(context);
			String cert_string = ConfigHelper.getStringFromSharedPref(ConfigHelper.MAIN_CERT_KEY);
			if(cert_string != null) {
				ConfigHelper.addTrustedCertificate("recovered_certificate", cert_string);
			}
		}
		return client;
	}

	@Override
	protected ClientConnectionManager createClientConnectionManager() {
		SchemeRegistry registry = new SchemeRegistry();
		registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
		registry.register(new Scheme("https", newSslSocketFactory(), 443));

		return new SingleClientConnManager(getParams(), registry);
	}

	/**
	 * Uses keystore from ConfigHelper for the SSLSocketFactory.
	 * 
	 * Sets hostname verifier to allow all hostname verifier.
	 * @return
	 */
	private SSLSocketFactory newSslSocketFactory() {
		try {
			KeyStore trusted = ConfigHelper.getKeystore();
			SSLSocketFactory sf = new SSLSocketFactory(trusted);
			sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

			return sf;
		} catch (Exception e) {
			throw new AssertionError(e);
		}
	}

	public LeapHttpClient(Context context) {
		this.context = context;
	}
}