
Example 1 with JcaContentSignerBuilder

use of org.spongycastle.operator.jcajce.JcaContentSignerBuilder in project kdeconnect-android by KDE.

the class SslHelper method initialiseCertificate.

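/**
 * Populates the {@code certificate} field with this device's self-signed X.509 certificate.
 *
 * <p>If the default shared preferences already hold a {@code "certificate"} entry, it is decoded
 * and used. Otherwise, or when the stored entry cannot be decoded, a new certificate is built
 * from the device's RSA key pair, signed with the private key, and written back to the
 * preferences.
 *
 * <p>Failures are logged together with their cause and the method returns without throwing;
 * callers must therefore tolerate {@code certificate} being unset afterwards.
 *
 * @param context Android context used to reach the key helper, the device id and the default
 *                shared preferences
 */
public static void initialiseCertificate(Context context) {
    PrivateKey privateKey;
    PublicKey publicKey;
    try {
        privateKey = RsaHelper.getPrivateKey(context);
        publicKey = RsaHelper.getPublicKey(context);
    } catch (Exception e) {
        // Pass the throwable to the logger so the cause is not lost.
        Log.e("SslHelper", "Error getting keys, can't create certificate", e);
        return;
    }

    SharedPreferences settings = PreferenceManager.getDefaultSharedPreferences(context);

    if (settings.contains("certificate")) {
        try {
            byte[] certificateBytes = Base64.decode(settings.getString("certificate", ""), 0);
            X509CertificateHolder certificateHolder = new X509CertificateHolder(certificateBytes);
            certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certificateHolder);
            // NOTE(review): the stored certificate is accepted as-is. Nothing here checks that its
            // public key still equals publicKey, that its CN is the current device id, or that it
            // is inside its validity window. Confirm whether a caller does this, because a
            // certificate that no longer matches the private key cannot authenticate this device.
            return;
        } catch (Exception e) {
            // An undecodable entry used to leave `certificate` unset with no recovery. Log the
            // cause and fall through so a fresh certificate replaces the broken entry.
            Log.e("KDE/SslHelper", "Exception reading own certificate", e);
        }
    }

    try {
        // Subject and issuer are the same name: the certificate is self-signed.
        X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
        nameBuilder.addRDN(BCStyle.CN, DeviceHelper.getDeviceId(context));
        nameBuilder.addRDN(BCStyle.OU, "KDE Connect");
        nameBuilder.addRDN(BCStyle.O, "KDE");

        // Validity runs from one year in the past to nine years in the future.
        // NOTE(review): the backdating presumably absorbs clock differences between devices -
        // confirm.
        Calendar calendar = Calendar.getInstance();
        calendar.add(Calendar.YEAR, -1);
        Date notBefore = calendar.getTime();
        calendar.add(Calendar.YEAR, 10);
        Date notAfter = calendar.getTime();

        // NOTE(review): the serial number is always 1, so a regenerated certificate carries the
        // same issuer and serial as the one it replaces. Verify that no peer or TLS stack in use
        // relies on issuer+serial being unique.
        X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
                nameBuilder.build(), BigInteger.ONE, notBefore, notAfter, nameBuilder.build(), publicKey);
        ContentSigner contentSigner =
                new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider(BC).build(privateKey);
        certificate = new JcaX509CertificateConverter().setProvider(BC)
                .getCertificate(certificateBuilder.build(contentSigner));

        // Only the certificate (public data) is persisted here, Base64-encoded with flags 0.
        SharedPreferences.Editor edit = settings.edit();
        edit.putString("certificate", Base64.encodeToString(certificate.getEncoded(), 0));
        edit.apply();
    } catch (Exception e) {
        Log.e("KDE/initialiseCert", "Exception", e);
    }
}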
Also used : PrivateKey(java.security.PrivateKey) X500NameBuilder(org.spongycastle.asn1.x500.X500NameBuilder) SharedPreferences(android.content.SharedPreferences) PublicKey(java.security.PublicKey) JcaContentSignerBuilder(org.spongycastle.operator.jcajce.JcaContentSignerBuilder) Calendar(java.util.Calendar) ContentSigner(org.spongycastle.operator.ContentSigner) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) Date(java.util.Date) JcaX509v3CertificateBuilder(org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder) X509v3CertificateBuilder(org.spongycastle.cert.X509v3CertificateBuilder) JcaX509CertificateConverter(org.spongycastle.cert.jcajce.JcaX509CertificateConverter) JcaX509v3CertificateBuilder(org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder) X509CertificateHolder(org.spongycastle.cert.X509CertificateHolder)

Example 2 with JcaContentSignerBuilder

use of org.spongycastle.operator.jcajce.JcaContentSignerBuilder in project kdeconnect-android by KDE.

the class DeviceTest method testPairingDoneWithCertificate.

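/**
 * Checks that invoking {@code Device.pairingDone()} on a device whose identity package carried a
 * certificate marks the device as paired and persists its trust flag, name and type.
 *
 * <p>Setup failures (key generation, certificate creation, reflection) propagate out of the test
 * instead of being swallowed, so the test fails with the real cause rather than with a later
 * {@code NullPointerException} or a misleading assertion failure.
 *
 * @throws Exception if key generation, certificate creation or the reflective call fails
 */
public void testPairingDoneWithCertificate() throws Exception {
    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
    keyGen.initialize(2048);
    KeyPair keyPair = keyGen.genKeyPair();

    // Self-signed certificate for the fake peer: subject and issuer are the same name.
    BouncyCastleProvider provider = new BouncyCastleProvider();
    X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
    nameBuilder.addRDN(BCStyle.CN, "testDevice");
    nameBuilder.addRDN(BCStyle.OU, "KDE Connect");
    nameBuilder.addRDN(BCStyle.O, "KDE");
    // The original added the current epoch time to itself to obtain notAfter, presumably by
    // accident; use an explicit ten-year window instead.
    long now = System.currentTimeMillis();
    long validityMillis = 10L * 365 * 24 * 60 * 60 * 1000;
    Date notBefore = new Date(now);
    Date notAfter = new Date(now + validityMillis);
    X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
            nameBuilder.build(), BigInteger.ONE, notBefore, notAfter, nameBuilder.build(), keyPair.getPublic());
    ContentSigner contentSigner =
            new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider(provider).build(keyPair.getPrivate());
    X509Certificate certificate = new JcaX509CertificateConverter().setProvider(provider)
            .getCertificate(certificateBuilder.build(contentSigner));

    // Identity package as an unpaired peer would announce it, certificate included.
    NetworkPackage fakeNetworkPackage = new NetworkPackage(NetworkPackage.PACKAGE_TYPE_IDENTITY);
    fakeNetworkPackage.set("deviceId", "unpairedTestDevice");
    fakeNetworkPackage.set("deviceName", "Unpaired Test Device");
    fakeNetworkPackage.set("protocolVersion", NetworkPackage.ProtocolVersion);
    fakeNetworkPackage.set("deviceType", Device.DeviceType.Phone.toString());
    fakeNetworkPackage.set("certificate", Base64.encodeToString(certificate.getEncoded(), 0));

    LanLinkProvider linkProvider = Mockito.mock(LanLinkProvider.class);
    Mockito.when(linkProvider.getName()).thenReturn("LanLinkProvider");
    LanLink link = Mockito.mock(LanLink.class);
    Mockito.when(link.getPairingHandler(Mockito.any(Device.class), Mockito.any(BasePairingHandler.PairingHandlerCallback.class))).thenReturn(Mockito.mock(LanPairingHandler.class));
    Mockito.when(link.getLinkProvider()).thenReturn(linkProvider);

    Device device = new Device(getContext(), fakeNetworkPackage, link);
    device.publicKey = keyPair.getPublic();

    assertEquals("unpairedTestDevice", device.getDeviceId());
    assertEquals("Unpaired Test Device", device.getName());
    assertEquals(Device.DeviceType.Phone, device.getDeviceType());
    assertNotNull(device.publicKey);
    assertNotNull(device.certificate);

    SharedPreferences preferences = getContext().getSharedPreferences("trusted_devices", Context.MODE_PRIVATE);
    SharedPreferences settings = getContext().getSharedPreferences(device.getDeviceId(), Context.MODE_PRIVATE);
    try {
        // pairingDone is not accessible from the test, so it is invoked reflectively.
        Method method = Device.class.getDeclaredMethod("pairingDone");
        method.setAccessible(true);
        method.invoke(device);

        assertTrue(device.isPaired());
        assertTrue(preferences.getBoolean(device.getDeviceId(), false));
        assertEquals("Unpaired Test Device", settings.getString("deviceName", "Unknown device"));
        assertEquals("phone", settings.getString("deviceType", "tablet"));
    } finally {
        // Always remove the test device, even when an assertion fails, so that no entry for it
        // is left behind in the persistent trusted-devices store.
        preferences.edit().remove(device.getDeviceId()).apply();
        settings.edit().clear().apply();
    }
}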
Also used : KeyPair(java.security.KeyPair) LanLink(org.kde.kdeconnect.Backends.LanBackend.LanLink) X500NameBuilder(org.spongycastle.asn1.x500.X500NameBuilder) SharedPreferences(android.content.SharedPreferences) JcaContentSignerBuilder(org.spongycastle.operator.jcajce.JcaContentSignerBuilder) ContentSigner(org.spongycastle.operator.ContentSigner) KeyPairGenerator(java.security.KeyPairGenerator) Method(java.lang.reflect.Method) X509Certificate(java.security.cert.X509Certificate) Date(java.util.Date) LanLinkProvider(org.kde.kdeconnect.Backends.LanBackend.LanLinkProvider) JcaX509v3CertificateBuilder(org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder) X509v3CertificateBuilder(org.spongycastle.cert.X509v3CertificateBuilder) JcaX509CertificateConverter(org.spongycastle.cert.jcajce.JcaX509CertificateConverter) JcaX509v3CertificateBuilder(org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder) LanPairingHandler(org.kde.kdeconnect.Backends.LanBackend.LanPairingHandler) BouncyCastleProvider(org.spongycastle.jce.provider.BouncyCastleProvider)
