public static void addCertToKnownServersStore(Certificate cert, Context context) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException { KeyStore knownServers = getKnownServersStore(context); knownServers.setCertificateEntry(Integer.toString(cert.hashCode()), cert); FileOutputStream fos = null; try { fos = context.openFileOutput(LOCAL_TRUSTSTORE_FILENAME, Context.MODE_PRIVATE); knownServers.store(fos, LOCAL_TRUSTSTORE_PASSWORD.toCharArray()); } finally { fos.close(); } }
/** * Creates a OwnCloudClient to access a URL and sets the desired parameters for ownCloud * client connections. * * @param uri URL to the ownCloud server; BASE ENTRY POINT, not WebDavPATH * @param context Android context where the OwnCloudClient is being created. * @return A OwnCloudClient object ready to be used */ public static OwnCloudClient createOwnCloudClient(Uri uri, Context context, boolean followRedirects, boolean useNextcloudUserAgent) { try { NetworkUtils.registerAdvancedSslContext(true, context); } catch (GeneralSecurityException e) { Log_OC.e(TAG, "Advanced SSL Context could not be loaded. Default SSL management in" + " the system will be used for HTTPS connections", e); } catch (IOException e) { Log_OC.e(TAG, "The local server truststore could not be read. Default SSL management" + " in the system will be used for HTTPS connections", e); } OwnCloudClient client = new OwnCloudClient(uri, NetworkUtils.getMultiThreadedConnManager(), useNextcloudUserAgent); client.setDefaultTimeouts(DEFAULT_DATA_TIMEOUT, DEFAULT_CONNECTION_TIMEOUT); client.setFollowRedirects(followRedirects); return client; }
/** * Registers or unregisters the proper components for advanced SSL handling. * @throws IOException */ @SuppressWarnings("deprecation") public static void registerAdvancedSslContext(boolean register, Context context) throws GeneralSecurityException, IOException { Protocol pr = null; try { pr = Protocol.getProtocol("https"); if (pr != null && mDefaultHttpsProtocol == null) { mDefaultHttpsProtocol = pr; } } catch (IllegalStateException e) { // nothing to do here; really } boolean isRegistered = (pr != null && pr.getSocketFactory() instanceof AdvancedSslSocketFactory); if (register && !isRegistered) { Protocol.registerProtocol("https", new Protocol("https", getAdvancedSslSocketFactory(context), 443)); } else if (!register && isRegistered) { if (mDefaultHttpsProtocol != null) { Protocol.registerProtocol("https", mDefaultHttpsProtocol); } } }
public static void addCertToKnownServersStore(Certificate cert, Context context) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException { KeyStore knownServers = getKnownServersStore(context); knownServers.setCertificateEntry(Integer.toString(cert.hashCode()), cert); FileOutputStream fos = null; try { fos = context.openFileOutput(LOCAL_TRUSTSTORE_FILENAME, Context.MODE_PRIVATE); knownServers.store(fos, LOCAL_TRUSTSTORE_PASSWORD.toCharArray()); } finally { fos.close(); } }
public static boolean isCertInKnownServersStore(Certificate cert, Context context) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException { KeyStore knownServers = getKnownServersStore(context); Log_OC.d(TAG, "Certificate - HashCode: " + cert.hashCode() + " " + Boolean.toString(knownServers.isCertificateEntry(Integer.toString(cert.hashCode())))); return knownServers.isCertificateEntry(Integer.toString(cert.hashCode())); }
public static AdvancedSslSocketFactory getAdvancedSslSocketFactory(Context context) throws GeneralSecurityException, IOException { if (mAdvancedSslSocketFactory == null) { KeyStore trustStore = getKnownServersStore(context); AdvancedX509TrustManager trustMgr = new AdvancedX509TrustManager(trustStore); TrustManager[] tms = new TrustManager[] { trustMgr }; SSLContext sslContext; try { sslContext = SSLContext.getInstance("TLSv1.2"); } catch (NoSuchAlgorithmException e) { Log_OC.w(TAG, "TLSv1.2 is not supported in this device; falling through TLSv1.0"); sslContext = SSLContext.getInstance("TLSv1"); // should be available in any device; see reference of supported protocols in // http://developer.android.com/reference/javax/net/ssl/SSLSocket.html } sslContext.init(null, tms, null); mHostnameVerifier = new BrowserCompatHostnameVerifier(); mAdvancedSslSocketFactory = new AdvancedSslSocketFactory(sslContext, trustMgr, mHostnameVerifier); } return mAdvancedSslSocketFactory; }
public static boolean isCertInKnownServersStore(Certificate cert, Context context) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException { KeyStore knownServers = getKnownServersStore(context); Log_OC.d(TAG, "Certificate - HashCode: " + cert.hashCode() + " " + Boolean.toString(knownServers.isCertificateEntry(Integer.toString(cert.hashCode())))); return knownServers.isCertificateEntry(Integer.toString(cert.hashCode())); }
try { final X509TrustManager trustManager = new AdvancedX509TrustManager( NetworkUtils.getKnownServersStore(sContext)); final SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, new TrustManager[] {trustManager}, null);