Example 1 with ContentSigner
use of org.spongycastle.operator.ContentSigner in project kdeconnect-android by KDE.
the class SslHelper method initialiseCertificate.
public static void initialiseCertificate(Context context) {
PrivateKey privateKey;
PublicKey publicKey;
try {
privateKey = RsaHelper.getPrivateKey(context);
publicKey = RsaHelper.getPublicKey(context);
} catch (Exception e) {
Log.e("SslHelper", "Error getting keys, can't create certificate");
return;
}
SharedPreferences settings = PreferenceManager.getDefaultSharedPreferences(context);
if (!settings.contains("certificate")) {
try {
X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
nameBuilder.addRDN(BCStyle.CN, DeviceHelper.getDeviceId(context));
nameBuilder.addRDN(BCStyle.OU, "KDE Connect");
nameBuilder.addRDN(BCStyle.O, "KDE");
Calendar calendar = Calendar.getInstance();
calendar.add(Calendar.YEAR, -1);
Date notBefore = calendar.getTime();
calendar.add(Calendar.YEAR, 10);
Date notAfter = calendar.getTime();
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(nameBuilder.build(), BigInteger.ONE, notBefore, notAfter, nameBuilder.build(), publicKey);
ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider(BC).build(privateKey);
certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certificateBuilder.build(contentSigner));
SharedPreferences.Editor edit = settings.edit();
edit.putString("certificate", Base64.encodeToString(certificate.getEncoded(), 0));
edit.apply();
} catch (Exception e) {
e.printStackTrace();
Log.e("KDE/initialiseCert", "Exception");
return;
}
} else {
try {
SharedPreferences globalSettings = PreferenceManager.getDefaultSharedPreferences(context);
byte[] certificateBytes = Base64.decode(globalSettings.getString("certificate", ""), 0);
X509CertificateHolder certificateHolder = new X509CertificateHolder(certificateBytes);
certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certificateHolder);
} catch (Exception e) {
Log.e("KDE/SslHelper", "Exception reading own certificate");
e.printStackTrace();
}
}
}
Also used :
PrivateKey(java.security.PrivateKey)
X500NameBuilder(org.spongycastle.asn1.x500.X500NameBuilder)
SharedPreferences(android.content.SharedPreferences)
PublicKey(java.security.PublicKey)
JcaContentSignerBuilder(org.spongycastle.operator.jcajce.JcaContentSignerBuilder)
Calendar(java.util.Calendar)
ContentSigner(org.spongycastle.operator.ContentSigner)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
Date(java.util.Date)
JcaX509v3CertificateBuilder(org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder)
X509v3CertificateBuilder(org.spongycastle.cert.X509v3CertificateBuilder)
JcaX509CertificateConverter(org.spongycastle.cert.jcajce.JcaX509CertificateConverter)
JcaX509v3CertificateBuilder(org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder)
X509CertificateHolder(org.spongycastle.cert.X509CertificateHolder)
Example 2 with ContentSigner
use of org.spongycastle.operator.ContentSigner in project kdeconnect-android by KDE.
the class DeviceTest method testPairingDoneWithCertificate.
public void testPairingDoneWithCertificate() throws Exception {
KeyPair keyPair = null;
try {
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(2048);
keyPair = keyGen.genKeyPair();
} catch (Exception e) {
e.printStackTrace();
Log.e("KDE/initializeRsaKeys", "Exception");
}
X509Certificate certificate = null;
try {
BouncyCastleProvider BC = new BouncyCastleProvider();
X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
nameBuilder.addRDN(BCStyle.CN, "testDevice");
nameBuilder.addRDN(BCStyle.OU, "KDE Connect");
nameBuilder.addRDN(BCStyle.O, "KDE");
Date notBefore = new Date(System.currentTimeMillis());
Date notAfter = new Date(System.currentTimeMillis() + System.currentTimeMillis());
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(nameBuilder.build(), BigInteger.ONE, notBefore, notAfter, nameBuilder.build(), keyPair.getPublic());
ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider(BC).build(keyPair.getPrivate());
certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certificateBuilder.build(contentSigner));
} catch (Exception e) {
e.printStackTrace();
Log.e("KDE/initialiseCert", "Exception");
}
NetworkPackage fakeNetworkPackage = new NetworkPackage(NetworkPackage.PACKAGE_TYPE_IDENTITY);
fakeNetworkPackage.set("deviceId", "unpairedTestDevice");
fakeNetworkPackage.set("deviceName", "Unpaired Test Device");
fakeNetworkPackage.set("protocolVersion", NetworkPackage.ProtocolVersion);
fakeNetworkPackage.set("deviceType", Device.DeviceType.Phone.toString());
fakeNetworkPackage.set("certificate", Base64.encodeToString(certificate.getEncoded(), 0));
LanLinkProvider linkProvider = Mockito.mock(LanLinkProvider.class);
Mockito.when(linkProvider.getName()).thenReturn("LanLinkProvider");
LanLink link = Mockito.mock(LanLink.class);
Mockito.when(link.getPairingHandler(Mockito.any(Device.class), Mockito.any(BasePairingHandler.PairingHandlerCallback.class))).thenReturn(Mockito.mock(LanPairingHandler.class));
Mockito.when(link.getLinkProvider()).thenReturn(linkProvider);
Device device = new Device(getContext(), fakeNetworkPackage, link);
device.publicKey = keyPair.getPublic();
assertNotNull(device);
assertEquals(device.getDeviceId(), "unpairedTestDevice");
assertEquals(device.getName(), "Unpaired Test Device");
assertEquals(device.getDeviceType(), Device.DeviceType.Phone);
assertNotNull(device.publicKey);
assertNotNull(device.certificate);
Method method;
try {
method = Device.class.getDeclaredMethod("pairingDone");
method.setAccessible(true);
method.invoke(device);
} catch (Exception e) {
e.printStackTrace();
}
assertEquals(device.isPaired(), true);
SharedPreferences preferences = getContext().getSharedPreferences("trusted_devices", Context.MODE_PRIVATE);
assertEquals(preferences.getBoolean(device.getDeviceId(), false), true);
SharedPreferences settings = getContext().getSharedPreferences(device.getDeviceId(), Context.MODE_PRIVATE);
assertEquals(settings.getString("deviceName", "Unknown device"), "Unpaired Test Device");
assertEquals(settings.getString("deviceType", "tablet"), "phone");
// Cleanup for unpaired test device
preferences.edit().remove(device.getDeviceId()).apply();
settings.edit().clear().apply();
}
Also used :
KeyPair(java.security.KeyPair)
LanLink(org.kde.kdeconnect.Backends.LanBackend.LanLink)
X500NameBuilder(org.spongycastle.asn1.x500.X500NameBuilder)
SharedPreferences(android.content.SharedPreferences)
JcaContentSignerBuilder(org.spongycastle.operator.jcajce.JcaContentSignerBuilder)
ContentSigner(org.spongycastle.operator.ContentSigner)
KeyPairGenerator(java.security.KeyPairGenerator)
Method(java.lang.reflect.Method)
X509Certificate(java.security.cert.X509Certificate)
Date(java.util.Date)
LanLinkProvider(org.kde.kdeconnect.Backends.LanBackend.LanLinkProvider)
JcaX509v3CertificateBuilder(org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder)
X509v3CertificateBuilder(org.spongycastle.cert.X509v3CertificateBuilder)
JcaX509CertificateConverter(org.spongycastle.cert.jcajce.JcaX509CertificateConverter)
JcaX509v3CertificateBuilder(org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder)
LanPairingHandler(org.kde.kdeconnect.Backends.LanBackend.LanPairingHandler)
BouncyCastleProvider(org.spongycastle.jce.provider.BouncyCastleProvider)
Aggregations
SharedPreferences (android.content.SharedPreferences)2
Date (java.util.Date)2
X500NameBuilder (org.spongycastle.asn1.x500.X500NameBuilder)2
X509v3CertificateBuilder (org.spongycastle.cert.X509v3CertificateBuilder)2
JcaX509CertificateConverter (org.spongycastle.cert.jcajce.JcaX509CertificateConverter)2
JcaX509v3CertificateBuilder (org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder)2
ContentSigner (org.spongycastle.operator.ContentSigner)2
JcaContentSignerBuilder (org.spongycastle.operator.jcajce.JcaContentSignerBuilder)2
IOException (java.io.IOException)1
Method (java.lang.reflect.Method)1
KeyPair (java.security.KeyPair)1
KeyPairGenerator (java.security.KeyPairGenerator)1
PrivateKey (java.security.PrivateKey)1
PublicKey (java.security.PublicKey)1
CertificateException (java.security.cert.CertificateException)1
X509Certificate (java.security.cert.X509Certificate)1
Calendar (java.util.Calendar)1
LanLink (org.kde.kdeconnect.Backends.LanBackend.LanLink)1
LanLinkProvider (org.kde.kdeconnect.Backends.LanBackend.LanLinkProvider)1
LanPairingHandler (org.kde.kdeconnect.Backends.LanBackend.LanPairingHandler)1
