/* ownCloud Android client application
- * Copyright (C) 2012 Bartek Przybylski
+ * Copyright (C) 2012-2013 ownCloud Inc.
*
* This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
+ * it under the terms of the GNU General Public License version 2,
+ * as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStoreException;
import java.security.cert.CertificateException;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
-import android.util.Log;
+import com.owncloud.android.Log_OC;
/**
* @author David A. Velasco
*/
public void checkServerTrusted(X509Certificate[] certificates, String authType) throws CertificateException {
if (!isKnownServer(certificates[0])) {
- Log.d(TAG, "checkClientTrusted() with standard trust manager...");
- mStandardTrustManager.checkClientTrusted(certificates, authType);
+ CertificateCombinedException result = new CertificateCombinedException(certificates[0]);
+ try {
+ certificates[0].checkValidity();
+ } catch (CertificateExpiredException c) {
+ result.setCertificateExpiredException(c);
+
+ } catch (CertificateNotYetValidException c) {
+ result.setCertificateNotYetException(c);
+ }
+
+ try {
+ mStandardTrustManager.checkServerTrusted(certificates, authType);
+ } catch (CertificateException c) {
+ Throwable cause = c.getCause();
+ Throwable previousCause = null;
+ while (cause != null && cause != previousCause && !(cause instanceof CertPathValidatorException)) { // getCause() is not funny
+ previousCause = cause;
+ cause = cause.getCause();
+ }
+ if (cause != null && cause instanceof CertPathValidatorException) {
+ result.setCertPathValidatorException((CertPathValidatorException)cause);
+ } else {
+ result.setOtherCertificateException(c);
+ }
+ }
+
+ if (result.isException())
+ throw result;
+
}
}
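Review bot: `certificates[0]` is dereferenced, both in the `isKnownServer` call and in the new `CertificateCombinedException` constructor, before anything checks that the chain is non-null and non-empty. A malformed call therefore surfaces as a NullPointerException or ArrayIndexOutOfBoundsException rather than the IllegalArgumentException that the X509TrustManager contract specifies. Adding `if (certificates == null || certificates.length == 0) throw new IllegalArgumentException("empty certificate chain");` as the first statement of the method would close that. Separately, the comment `// getCause() is not funny` on the cause-walking loop explains nothing; `// walk the cause chain; stop if a cause refers to itself` would say why `previousCause` exists. The `cause != null &&` in front of `instanceof` is also redundant.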
}
- private boolean isKnownServer(X509Certificate cert) {
+ public boolean isKnownServer(X509Certificate cert) {
try {
return (mKnownServersKeyStore.getCertificateAlias(cert) != null);
} catch (KeyStoreException e) {
- Log.d(TAG, "Fail while checking certificate in the known-servers store");
+ Log_OC.d(TAG, "Fail while checking certificate in the known-servers store");
return false;
}
}
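Review bot: Widening `isKnownServer` to public exposes the predicate that, when true, makes `checkServerTrusted` skip both the validity check and the standard chain validation, yet the method has no Javadoc. It should get a short Javadoc stating that it reports whether the given certificate matches an entry in the known-servers keystore. The Javadoc should also say that a KeyStoreException is treated as "not known", so validation falls through to the standard trust manager. The catch block also discards `e`; including it, for example `Log_OC.d(TAG, "Fail while checking certificate in the known-servers store: " + e.getMessage());`, would make keystore failures diagnosable.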