x509certificate - Add Server Certificate Information to Trust Manager Android Programmatically -
I am new to SSL and X509Certificate concepts. What I need to know is whether there is a way to get the certificate information for a given URL.
For example: if the user has typed https://www.google.com, I need to get that site's certificate information programmatically.
edit:
Finally, I got the certificate information from the server.
Now, my questions are:
1. How can I check whether the certificate is trusted or not?
2. How can I add the certificate to the trust manager?
3. Even if it is an untrusted certificate, if the user wants to continue I need to add the certificate to the trust manager. How can I achieve this?
4. In order to check whether the certificate is trusted or not, do I need to have a certificate to compare it against?
I am new to these X.509 certificates.
Any help is appreciated.
edit:
This is what I have tried, but none of it is helping me. I need to know whether the certificate is trusted or not.
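// NOTE(review): the page lower-cased all text and dropped the `for` keywords. Java API names
// are restored below; the casing of project names (managers, LoginActivity) is a best guess.
// `managers` is presumably the TrustManager[] of a TrustManagerFactory -- confirm.
X509TrustManager trustManager = new X509TrustManager() {

    /**
     * Validates a client chain by asking every wrapped {@link X509TrustManager}.
     *
     * @throws CertificateException if any wrapped manager rejects the chain
     */
    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        for (TrustManager tm : managers) {
            if (tm instanceof X509TrustManager) {
                ((X509TrustManager) tm).checkClientTrusted(chain, authType);
            }
        }
    }

    /**
     * Validates the server chain and fails closed.
     *
     * <p>The original version caught every {@link CertificateException}, printed it and
     * returned normally. A trust manager that returns normally tells the TLS stack the chain
     * is trusted, so the handshake succeeded for any certificate. This version still records
     * the reason in the {@code LoginActivity} flags, then rethrows so the connection is
     * refused.
     *
     * <p>To let a user accept one specific certificate, store that certificate in a
     * {@code KeyStore} ({@code setCertificateEntry}), initialise a
     * {@code TrustManagerFactory} from it and retry the connection, instead of suppressing
     * the validation error here.
     *
     * @throws IllegalArgumentException if the chain is null or empty
     * @throws CertificateException if a certificate is outside its validity period or a
     *     wrapped manager rejects the chain
     */
    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        if (chain == null || chain.length == 0) {
            throw new IllegalArgumentException("empty server certificate chain");
        }

        CertificateException failure = null;
        final Date now = new Date();
        for (X509Certificate cert : chain) {
            try {
                cert.checkValidity(now);
            } catch (CertificateExpiredException e) {
                LoginActivity.isExpired = true;
                if (failure == null) {
                    failure = e;
                }
            } catch (CertificateNotYetValidException e) {
                LoginActivity.isInvalid = true;
                if (failure == null) {
                    failure = e;
                }
            }
        }

        // Removed: cert.verify(...) against trustedRoot/trustedHost with every exception
        // swallowed (it decided nothing), and the early return when the issuer *name*
        // equalled trustedRoot's issuer name. A matching issuer name is not proof of a valid
        // signature chain, and that return skipped the platform check below.
        // Also removed: a commented-out subject-CN versus host comparison.

        for (TrustManager tm : managers) {
            if (tm instanceof X509TrustManager) {
                try {
                    ((X509TrustManager) tm).checkServerTrusted(chain, authType);
                } catch (CertificateException e) {
                    if (failure == null) {
                        failure = e;
                    }
                }
            }
        }

        if (failure != null) {
            throw failure;
        }
    }

    /** Returns the accepted issuers of all wrapped {@link X509TrustManager}s, concatenated. */
    @Override
    public X509Certificate[] getAcceptedIssuers() {
        List<X509Certificate> issuers = new ArrayList<>();
        for (TrustManager tm : managers) {
            if (tm instanceof X509TrustManager) {
                issuers.addAll(Arrays.asList(((X509TrustManager) tm).getAcceptedIssuers()));
            }
        }
        return issuers.toArray(new X509Certificate[0]);
    }
};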
finally, cracked!
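// NOTE(review): the page lower-cased all text and dropped the `for` keywords. Java API names
// are restored below; the casing of project names and string literals (managers, mApplication,
// baseHostString, "CN=", the exception message) is a best guess -- confirm against the app.
X509TrustManager trustManager = new X509TrustManager() {

    /**
     * Validates a client chain by asking every wrapped {@link X509TrustManager}.
     *
     * @throws CertificateException if any wrapped manager rejects the chain
     */
    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType)
            throws CertificateException {
        for (TrustManager tm : managers) {
            if (tm instanceof X509TrustManager) {
                ((X509TrustManager) tm).checkClientTrusted(chain, authType);
            }
        }
    }

    /**
     * Records why a server chain is unacceptable, then refuses it.
     *
     * <p>The original version set its flags but swallowed every {@link CertificateException},
     * so the method returned normally and the TLS handshake succeeded for any certificate,
     * trusted or not. The flags ({@code isExpired}, {@code isInvalid}, {@code isHostMismatch},
     * {@code isNotTrusted}) and the stored chain are still populated, but the first failure is
     * rethrown so no data is exchanged over an unverified connection.
     *
     * <p>To honour a user's decision to continue, take the chain saved through
     * {@code setCurrentCertificate}, add the approved certificate to a {@code KeyStore}
     * ({@code setCertificateEntry}), build a {@code TrustManagerFactory} from that store and
     * reconnect. That trusts one certificate the user has seen, not every certificate.
     *
     * @throws IllegalArgumentException if the chain is null or empty
     * @throws CertificateException if a certificate is outside its validity period or a
     *     wrapped manager rejects the chain
     */
    @Override
    public void checkServerTrusted(final X509Certificate[] chain, String authType)
            throws CertificateException {
        if (chain == null || chain.length == 0) {
            throw new IllegalArgumentException("empty server certificate chain");
        }

        CertificateException failure = null;

        // Validity period of every certificate in the chain.
        isExpired = false;
        final Date now = new Date();
        for (X509Certificate cert : chain) {
            try {
                cert.checkValidity(now);
            } catch (CertificateExpiredException e) {
                isExpired = true;
                if (failure == null) {
                    failure = e;
                }
            } catch (CertificateNotYetValidException e) {
                isInvalid = true;
                if (failure == null) {
                    failure = e;
                }
            }
        }

        // Host comparison applies to the server (leaf) certificate only. The original ran it
        // for every certificate, so an intermediate or root CA subject could overwrite the
        // flag. This CN comparison is advisory: it ignores subjectAltName, so keep the
        // connection's default HostnameVerifier enabled as the enforcing check.
        final String address;
        if (!TextUtils.isEmpty(query)) {
            address = query;
        } else if (!baseHostString.equalsIgnoreCase("")) {
            address = baseHostString;
        } else {
            address = mApplication.getSettings().serverAddress.toString();
        }
        String cn = getValByAttributeTypeFromIssuerDN(chain[0].getSubjectDN().getName(), "CN=");
        isHostMismatch = !cn.equalsIgnoreCase(hostOf(address));

        // Path validation by the wrapped managers, run once per handshake rather than once
        // per certificate. The issuer-name shortcut against trustedRoot was dropped: an equal
        // issuer name does not show the chain is signed by that root.
        for (TrustManager tm : managers) {
            if (tm instanceof X509TrustManager) {
                try {
                    ((X509TrustManager) tm).checkServerTrusted(chain, authType);
                } catch (CertificateException e) {
                    // Matching on message text is fragile across platform versions; verify
                    // this literal on the target Android releases.
                    if (e.getMessage() != null
                            && e.getMessage().contains(
                                    "Trust anchor for certification path not found.")) {
                        isNotTrusted = true;
                        mApplication.setCurrentCertificate(chain);
                    }
                    if (failure == null) {
                        failure = e;
                    }
                }
            }
        }

        if (failure != null) {
            throw failure;
        }
    }

    /** Returns the host part of {@code address} without the port, or "" if it cannot be parsed. */
    private String hostOf(String address) {
        try {
            String host = new URL(address).getHost();
            return host == null ? "" : host;
        } catch (MalformedURLException ignored) {
            // An unparsable address yields an empty host, which is reported as a mismatch.
            return "";
        }
    }

    /** Returns the accepted issuers of all wrapped {@link X509TrustManager}s, concatenated. */
    @Override
    public X509Certificate[] getAcceptedIssuers() {
        List<X509Certificate> issuers = new ArrayList<>();
        for (TrustManager tm : managers) {
            if (tm instanceof X509TrustManager) {
                issuers.addAll(Arrays.asList(((X509TrustManager) tm).getAcceptedIssuers()));
            }
        }
        return issuers.toArray(new X509Certificate[0]);
    }
};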
thanks everybody.