keychain - A proper way to install PEM certifiate in Android -


i developing android project.

i have pem certificate string:

-----begin certificate----- miieczcca1ugawibagibadanbgkqhkig9w0baqqfad..akga1uebhmcr0ix ezarbgnvbagtclnvbwutu3rhdguxfdasbgnvbaotc0..0egthrkmtcwnqyd vqqley5dbgfzcyaxifb1ymxpyybqcmltyxj5ienlcn..xrpb24gqxv0ag9y ...many lines... it8una2gy4l2o//on88r5iwjlm1l0oa8e4fr2yrbhx..adsgefkkynrwgi/ 7vqmfxdgsrrxngrgnx+vwdz3/zwi0jodtcknnqepvn..hox -----end certificate-----

(assigned above certificate string variable named cert_str)

i decode above pem string byte array:

byte[] pembytes = base64.decode(                 cert_str.replaceall("-----(begin|end) certificate-----", "")                         .replaceall("\n", "")                         .getbytes("utf-8"),                 base64.default         );

i try programmatically install pem certificate android phone following code:

intent intent = keychain.createinstallintent(); // because pem contains certificate, no private key, use extra_certificate intent.putextra(keychain.extra_certificate, pembytes);// above pem bytes intent.addflags(intent.flag_activity_new_task); context.startactivity(intent);

when run code (in android 7 device), android system certificate installer app pops window, when press "ok" button of window, got following log:

 java.io.ioexception: stream not represent pkcs12 key store   @ com.android.org.bouncycastle.jcajce.provider.keystore.pkcs12.pkcs12keystorespi.engineload(pkcs12keystorespi.java:793)   @ java.security.keystore.load(keystore.java:1247)   @ com.android.certinstaller.credentialhelper.loadpkcs12internal(credentialhelper.java:396)   @ com.android.certinstaller.credentialhelper.extractpkcs12internal(credentialhelper.java:364)   @ com.android.certinstaller.credentialhelper.extractpkcs12(credentialhelper.java:354)   @ com.android.certinstaller.certinstaller$1.doinbackground(certinstaller.java:328)   @ com.android.certinstaller.certinstaller$1.doinbackground(certinstaller.java:327)

my questions:

  1. i have used extra_certificate & set intent, not using extra_pkcs12, log, android system thinks installing pkcs#12 keystore. why?

  2. what correct way programmatically install pem certificate in android?

your code should work, said @sergey nikitin. starred example @ github using similar code

i have reviewed android 7.1 source code of credentialhelper , certinstaller trace exception log. unique reachable path execute pkcs12 loader at

 com.android.certinstaller.credentialhelper.extractpkcs12(credentialhelper.java:354)

is method onscreenlockok

private void onscreenlockok() {     if (mcredentials.haspkcs12keystore()) {         if (mcredentials.haspassword()) {             showdialog(pkcs12_password_dialog);         } else {             new pkcs12extractaction("").run(this);         }

which protected credentialhelper.haspkcs12keystore() 

boolean haspkcs12keystore() {     return mbundle.containskey(keychain.extra_pkcs12); }

i have not found default assigned values or alternative paths, deduce keychain.extra_pkcs12 being used in way. weird behaviour, may have clean&rebuild issue?

i suggest debug code including android certinstaller class ensure values of extras , ensure executed code expected


-

Comments

Post a Comment

Popular posts from this blog

java - SSE Emitter : Manage timeouts and complete() -

i writing web app multiple listeners(evcentsource sse clients js) connected server . want store sse emitter per connected listener : can done in memory or other means assigning id each client able achieve far now question ; how send response/event specific client connected web app ? while doing sseemmiters stored either getting completed or timed out. how prevent ? how keep sseemmiter available open infinite time (till client closes) , send events selectively .
Read more

jquery - uncaught exception: DataTables Editor - remote hosting of code not allowed -

i'm trying implement crud operation using datatableseditor using datatables.but i'm getting error messages: 1)uncaught exception: datatables editor - remote hosting of code not allowed. please see http://editor.datatables.net details on how purchase editor license 2)typeerror: a.editor undefined 3) $.fn.datatable.editor not constructor" what reason? here configuration: <%@ page language="java" contenttype="text/html; charset=iso-8859-1" pageencoding="iso-8859-1"%> <!doctype html public "-//w3c//dtd html 4.01 transitional//en" "http://www.w3.org/tr/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=iso-8859-1"> <title>insert title here</title> <link rel="stylesheet" type="text/css" href="//cdn.datatables.net/1.10.12/css/jquery.datatables.min.css"> <link re...
Read more

java - How to resolve error - package com.squareup.okhttp3 doesn't exist? -

i trying convert json java object use of gson in maven, following youtube video guidance - https://www.youtube.com/watch?v=vqgghm9pwe0 , theres error occurs when in main class error - package com.squareup.okhttp3 doesn't exist. code below: java package com.codebeasty.json; import com.squareup.okhttp3.okhttpclient; public class main { private static okhttpclient client = new okhttpclient(); public static void main (string [] args) { } } i put in dependency in pom.xml: <dependencies> <dependency> <groupid>com.squareup.okhttp3</groupid> <artifactid>okhttp</artifactid> <version>3.4.2</version> </dependency> <dependency> <groupid>com.google.code.gson</groupid> <artifactid>gson</artifactid> <version>2.8.0</version> </dependency> </dependencies> i dont understand why doesn't recognize com.squareup. there may need download? have downl...
Read more