Skip to content
Browse files

Fix custom certificate issue. Aliases must be the domain name for the…

… certificate to be used. Alias now set based on filename.
  • Loading branch information...
1 parent 20ac8d8 commit b9a30e557f189098ba3dca80ad4b36e46ecb9f81 Brian Moore committed Oct 29, 2013
Showing with 38 additions and 11 deletions.
  1. +37 −10 platform/android/Rhodes/src/com/rhomobile/rhodes/socket/SSLImpl.java
  2. +1 −1 version
View
47 platform/android/Rhodes/src/com/rhomobile/rhodes/socket/SSLImpl.java
@@ -71,9 +71,13 @@
private static SSLSocketFactory secureFactory = null;
private static SSLSocketFactory mutualAuthFactory = null;
+ private static List<Certificate> certs = null;
+ private static List<String> aliases = null;
+
private SSLSocket sock;
+
//Used from jni
@SuppressWarnings("unused")
private int sockfd;
@@ -226,9 +230,31 @@ private static Certificate loadCertificate( File f ) {
return cert;
}
- private static List<Certificate> loadAllCertificates() {
- List<Certificate> certs = new ArrayList<Certificate>();
-
+ private static String removeExtension(String s) {
+
+ String separator = System.getProperty("file.separator");
+ String filename;
+
+ // Remove the path upto the filename.
+ int lastSeparatorIndex = s.lastIndexOf(separator);
+ if (lastSeparatorIndex == -1) {
+ filename = s;
+ } else {
+ filename = s.substring(lastSeparatorIndex + 1);
+ }
+
+ // Remove the extension.
+ int extensionIndex = filename.lastIndexOf(".");
+ if (extensionIndex == -1)
+ return filename;
+
+ return filename.substring(0, extensionIndex);
+ }
+
+ private static void loadAllCertificates() {
+ certs = new ArrayList<Certificate>();
+ aliases = new ArrayList<String>();
+
Logger.I(TAG, "Loading all SSL certificates from config");
@@ -244,6 +270,7 @@ private static Certificate loadCertificate( File f ) {
Certificate c = loadCertificate(caFile);
if ( c != null ) {
certs.add( c );
+ aliases.add(removeExtension(caFilePath));
}
} else {
Logger.W(TAG, "CAFile config parameter exists, but file " + caFilePath + " not found." );
@@ -263,6 +290,7 @@ private static Certificate loadCertificate( File f ) {
Certificate c = loadCertificate(f);
if ( c != null ) {
certs.add( c );
+ aliases.add( removeExtension(f.getName()) );
}
}
@@ -274,7 +302,6 @@ private static Certificate loadCertificate( File f ) {
Logger.I(TAG, "SSL certificates loaded: " + String.valueOf(certs.size()) );
- return certs;
}
private static SSLSocketFactory getSecureFactory() throws NoSuchAlgorithmException, KeyManagementException, CertificateException, KeyStoreException, IOException, UnrecoverableKeyException {
@@ -292,12 +319,12 @@ private static SSLSocketFactory getSecureFactory() throws NoSuchAlgorithmExcepti
KeyStore keystore = KeyStore.getInstance( KeyStore.getDefaultType() );
keystore.load(null);
- List<Certificate> certs = loadAllCertificates();
+ loadAllCertificates();
// Add loaded custom certificates to keystore
- if ( certs != null ) {
+ if ( certs != null && aliases != null) {
for ( int i = 0; i < certs.size(); ++i ) {
- keystore.setCertificateEntry("cert-alias"+ String.valueOf(i),certs.get(i));
+ keystore.setCertificateEntry(aliases.get(i),certs.get(i));
}
}
@@ -335,9 +362,9 @@ private static SSLSocketFactory getSecureFactory() throws NoSuchAlgorithmExcepti
* so we make our own wrapper which encapsulates both system installed and custom provided certificates
*/
context.init(
- (kmf==null)?null:kmf.getKeyManagers(),
- new TrustManager[] { new MySecureTrustManager( systemTrustManager, customTrustManager ) },
- new SecureRandom()
+ (kmf==null)?null:kmf.getKeyManagers(),
+ new TrustManager[] { new MySecureTrustManager( systemTrustManager, customTrustManager ) },
+ new SecureRandom()
);
Logger.I(TAG, "Secure SSL factory initialization completed");
View
2 version
@@ -1 +1 @@
-3.4.2.6
+3.4.2.6.3

0 comments on commit b9a30e5

Please sign in to comment.
Something went wrong with that request. Please try again.