From c02851b778b3a50205a18262a4829b3510c675eb Mon Sep 17 00:00:00 2001 From: Ricki Hirner Date: Sun, 2 Feb 2025 13:55:30 +0100 Subject: [PATCH] Explicitly provide crashing expired certificate --- .../at/bitfire/cert4android/ConscryptTest.kt | 54 +++++++++++++++++-- .../cert4android/ConscryptIntegration.kt | 2 +- 2 files changed, 51 insertions(+), 5 deletions(-) diff --git a/lib/src/androidTest/java/at/bitfire/cert4android/ConscryptTest.kt b/lib/src/androidTest/java/at/bitfire/cert4android/ConscryptTest.kt index 1f7447e..fa8db90 100644 --- a/lib/src/androidTest/java/at/bitfire/cert4android/ConscryptTest.kt +++ b/lib/src/androidTest/java/at/bitfire/cert4android/ConscryptTest.kt @@ -1,17 +1,63 @@ package at.bitfire.cert4android +import org.junit.Before import org.junit.Test -import java.net.URL +import java.security.cert.CertificateFactory +import java.security.cert.X509Certificate class ConscryptTest { + @Before + fun setUp() { + ConscryptIntegration.initialize() + } + + @Test fun test_X509Certificate_toString() { - val certs = TestCertificates.getSiteCertificates(URL("https://expired.badssl.com")) + val certFactory = CertificateFactory.getInstance("X.509") + val testCert = certFactory.generateCertificate(RAW_EXPIRED_CERT.byteInputStream()) as X509Certificate // Crashes with Conscrypt 2.5.3 - for (cert in certs) - System.err.println(cert.toString()) + System.err.println(testCert.toString()) + } + + + companion object { + + const val RAW_EXPIRED_CERT = "-----BEGIN CERTIFICATE-----\n" + + "MIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBv\n" + + "MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk\n" + + "ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF\n" + + "eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow\n" + + "gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO\n" + + "BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD\n" + + "VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkq\n" + + "hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9EZ3SZKzejfSNw\n" + + "AHG8U9/E+ioSj0t/EFa9n3Byt2F/yUsPF6c947AEYe7/EZfH9IY+Cvo+XPmT5jR6\n" + + "2RRr55yzhaCCenavcZDX7P0N+pxs+t+wgvQUfvm+xKYvT3+Zf7X8Z0NyvQwA1onr\n" + + "ayzT7Y+YHBSrfuXjbvzYqOSSJNpDa2K4Vf3qwbxstovzDo2a5JtsaZn4eEgwRdWt\n" + + "4Q08RWD8MpZRJ7xnw8outmvqRsfHIKCxH2XeSAi6pE6p8oNGN4Tr6MyBSENnTnIq\n" + + "m1y9TBsoilwie7SrmNnu4FGDwwlGTm0+mfqVF9p8M1dBPI1R7Qu2XK8sYxrfV8g/\n" + + "vOldxJuvRZnio1oktLqpVj3Pb6r/SVi+8Kj/9Lit6Tf7urj0Czr56ENCHonYhMsT\n" + + "8dm74YlguIwoVqwUHZwK53Hrzw7dPamWoUi9PPevtQ0iTMARgexWO/bTouJbt7IE\n" + + "IlKVgJNp6I5MZfGRAy1wdALqi2cVKWlSArvX31BqVUa/oKMoYX9w0MOiqiwhqkfO\n" + + "KJwGRXa/ghgntNWutMtQ5mv0TIZxMOmm3xaG4Nj/QN370EKIf6MzOi5cHkERgWPO\n" + + "GHFrK+ymircxXDpqR+DDeVnWIBqv8mqYqnK8V0rSS527EPywTEHl7R09XiidnMy/\n" + + "s1Hap0flhFMCAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73g\n" + + "JMtUGjAdBgNVHQ4EFgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQD\n" + + "AgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9\n" + + "MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVy\n" + + "bmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6\n" + + "Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAGS/g/FfmoXQ\n" + + "zbihKVcN6Fr30ek+8nYEbvFScLsePP9NDXRqzIGCJdPDoCpdTPW6i6FtxFQJdcfj\n" + + "Jw5dhHk3QBN39bSsHNA7qxcS1u80GH4r6XnTq1dFDK8o+tDb5VCViLvfhVdpfZLY\n" + + "Uspzgb8c8+a4bmYRBbMelC1/kZWSWfFMzqORcUx8Rww7Cxn2obFshj5cqsQugsv5\n" + + "B5a6SE2Q8pTIqXOi6wZ7I53eovNNVZ96YUWYGGjHXkBrI/V5eu+MtWuLt29G9Hvx\n" + + "PUsE2JOAWVrgQSQdso8VYFhH2+9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzch5vR\n" + + "pu/xO28QOG8=\n" + + "-----END CERTIFICATE-----\n" + } } \ No newline at end of file diff --git a/lib/src/main/java/at/bitfire/cert4android/ConscryptIntegration.kt b/lib/src/main/java/at/bitfire/cert4android/ConscryptIntegration.kt index f84d003..3037ce7 100644 --- a/lib/src/main/java/at/bitfire/cert4android/ConscryptIntegration.kt +++ b/lib/src/main/java/at/bitfire/cert4android/ConscryptIntegration.kt @@ -6,7 +6,7 @@ import javax.net.ssl.SSLContext object ConscryptIntegration { - var initialized = false + private var initialized = false @Synchronized fun initialize() {