Commit d5f53044 authored by Toni Beier's avatar Toni Beier

Merge branch 'new_ca_migration' into 'master'

Migration der neuen CA

Closes #24

See merge request !6
parents 2d2fbae1 da65de98
Pipeline #21739 passed with stages
in 4 minutes and 56 seconds
-----BEGIN CERTIFICATE-----
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
-----END CERTIFICATE-----
......@@ -9,6 +9,8 @@ package de.tu_chemnitz.wlan;
import android.content.Context;
import android.content.SharedPreferences;
import android.content.res.AssetManager;
import android.content.res.Resources;
import android.net.ConnectivityManager;
import android.net.NetworkInfo;
import android.net.wifi.WifiConfiguration;
......@@ -28,9 +30,12 @@ import com.android.volley.VolleyLog;
import com.android.volley.toolbox.StringRequest;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.CookieHandler;
import java.net.CookieManager;
......@@ -38,11 +43,13 @@ import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URL;
import java.net.URLEncoder;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
class Helper {
......@@ -248,11 +255,36 @@ class Helper {
static boolean buildFromPreferences(Context context) {
SharedPreferences sharedPrefs = context.getApplicationContext().getSharedPreferences("de.tu_chemnitz.de.wlan.config", Context.MODE_PRIVATE);
String savedJsonEduromConfig = sharedPrefs.getString("wifi_json", "{}"); // default is empty JSON {}
try {
JSONObject jsonEduromConfig = new JSONObject(savedJsonEduromConfig);
String anonymousIdentity = jsonEduromConfig.getString("anonymousIdentity");
//Check for old anonymous identity
if( anonymousIdentity.equals(context.getString(R.string.edurom_anonymous_identity_old))) {
//Build and set new identity
String identity = jsonEduromConfig.getString( "identity" );
String idmPrimaryKey = jsonEduromConfig.getString("pk");
String username = jsonEduromConfig.getString("username");
jsonEduromConfig.put("identity", context.getString(R.string.edurom_identity_pattern, username,idmPrimaryKey));
//Set new Submatch
jsonEduromConfig.put("subjectMatch",context.getString(R.string.edurom_radius_server));
//Set new anonymous identity
jsonEduromConfig.put("anonymousIdentity",context.getString(R.string.edurom_anonymous_identity) );
savedJsonEduromConfig = jsonEduromConfig.toString(2);
//Save new edurom json config
sharedPrefs.edit().putString("wifi_json", savedJsonEduromConfig);
}
} catch (JSONException jsonException) {
Log.e("ca_migration","error while old local idm values converted in form", jsonException);
}
return sharedPrefs.contains("wifi_json") &&
buildWifiConfig(sharedPrefs.getString("wifi_json", "{}")); // default is empty JSON {}
buildWifiConfig(savedJsonEduromConfig, context);
}
static boolean buildWifiConfig(String json) {
static boolean buildWifiConfig(String json, Context context) {
try {
Log.d("buildWifiConfig", json);
JSONObject jObj = new JSONObject(json);
......@@ -267,17 +299,29 @@ class Helper {
}*/
// if username mismatches we can't fetch deploy_status -> abort
if (!jObj.has("username") || username == null || !username.equals(jObj.getString("username"))) {
return false;
}
//if (!jObj.has("username") || username == null || !username.equals(jObj.getString("username"))) {
// return false;
//}
CertificateFactory cf = CertificateFactory.getInstance("X.509");
JSONArray certs = jObj.getJSONArray("certs");
X509Certificate[] x509s = new X509Certificate[certs.length()];
for (int i = 0; i < certs.length(); i++) {
x509s[i] = (X509Certificate)cf.generateCertificate(
new ByteArrayInputStream(
Base64.decode(certs.getString(i), Base64.DEFAULT)));
X509Certificate[] x509s = new X509Certificate[1];
AssetManager assetManager = context.getAssets();
InputStream eduromCertificateStream = null;
try {
eduromCertificateStream = assetManager.open("ca.pem");
X509Certificate eduromCertificate = (X509Certificate) cf.generateCertificate(eduromCertificateStream);
x509s[0] = eduromCertificate;
} catch (IOException exception) {
Log.e("buildWifiConfig", "Can't open certificate", exception);
} catch (CertificateException exception) {
Log.e("buildWifiConfig", "Can't read or process certificate", exception);
} catch (Throwable throwable) {
Log.e("buildWifiConfig", "Unexpected error", throwable);
} finally {
if (eduromCertificateStream != null) {
eduromCertificateStream.close();
}
}
WifiConfiguration conf = createEapConfig(
......@@ -391,6 +435,8 @@ class Helper {
for (WifiConfiguration conf: wifiMan.getConfiguredNetworks()) {
if (lastWifi.SSID.equals(conf.SSID)) {
id = conf.networkId;
lastWifi.networkId = conf.networkId;
wifiMan.disableNetwork(id);
}
}
if (id != -1) {
......@@ -411,7 +457,7 @@ class Helper {
}
static void quickApply(Context context, String json) {
if (Helper.buildWifiConfig(json)) {
if (Helper.buildWifiConfig(json, context)) {
if (Helper.applyWifiConfig(context)) {
Toast.makeText(context, Helper.lastWifi.SSID + " erfolgreich angewendet!", Toast.LENGTH_LONG).show();
} else {
......@@ -549,8 +595,14 @@ class Helper {
if (currentConfig.enterpriseConfig.getAnonymousIdentity().length()>0) {
message=currentConfig.enterpriseConfig.getAnonymousIdentity();
ticked = true;
String anonymousIdentity = currentConfig.enterpriseConfig.getAnonymousIdentity();
if (!anonymousIdentity.equals(context.getString(R.string.edurom_anonymous_identity))) {
message = context.getString(R.string.edurom_error_old_configuration, anonymousIdentity);
ticked = false;
} else {
message = anonymousIdentity;
ticked = true;
}
} else {
message="Nicht gesetzt";
ticked = false;
......
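Review bot: In the `buildWifiConfig` hunk, a failure to open or parse `ca.pem` is only logged, so execution continues to `createEapConfig(` with `x509s[0]` still null. The body of `createEapConfig` is outside this section, but if it installs that array as the CA certificate, the profile could be saved without a trust anchor and the RADIUS server certificate would not be validated against the new CA. The load should fail closed with `return false;` in each catch branch, and `catch (Throwable throwable)` should be narrowed so unrelated errors are not swallowed. Separately, in `buildFromPreferences` the line `sharedPrefs.edit().putString("wifi_json", savedJsonEduromConfig);` never calls `apply()` or `commit()`, so the migrated JSON is not persisted and the migration is redone on every call. `buildWifiConfig` starts and ends outside the visible hunks.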
......@@ -166,7 +166,7 @@ public class LoginActivity extends AppCompatActivity {
Helper.buildRequest(LoginActivity.this.getApplicationContext(), API_URL, new Response.Listener<String>() {
@Override
public void onResponse(String response) {
if (Helper.buildWifiConfig(response)) {
if (Helper.buildWifiConfig(response, getApplicationContext())) {
//showText("Konfiguration erfolgreich geladen.<br>Warte auf Freigabe von Server.");
SharedPreferences sharedPrefs = getApplicationContext().getSharedPreferences("de.tu_chemnitz.de.wlan.config", Context.MODE_PRIVATE);
......
<resources>
<string name="app_name">TUC WLAN</string>
<string translatable="false" name="edurom_anonymous_identity">androidapp_ca2030@tu-chemnitz.de</string>
<string translatable="false" name="edurom_anonymous_identity_old">anonymous_androidapp@tu-chemnitz.de </string>
<string translatable="false" name="edurom_error_old_configuration">Veraltete Anonyme Identität: %1$s</string>
<string translatable="false" name="edurom_radius_server">radius2030.tu-chemnitz.de</string>
<string translatable="false" name="edurom_identity_pattern">%1$s-%2$s@tu-chemnitz.de</string>
</resources>
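Review bot: The value of `edurom_anonymous_identity_old` ends with a blank before `</string>`. As far as I know the Android resource compiler strips unquoted trailing whitespace, so the `equals()` comparison in `Helper.buildFromPreferences` probably still matches. The migration to the new CA settings depends on that exact match, though, and a silent mismatch would leave devices on the old configuration. Writing it as `<string translatable="false" name="edurom_anonymous_identity_old">anonymous_androidapp@tu-chemnitz.de</string>` removes the doubt.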