From 48df1d71bf712d50a7fd16aa02fd1a66f7af3a79 Mon Sep 17 00:00:00 2001 From: Jinyoung Ahn Date: Thu, 29 Jun 2017 11:26:11 -0700 Subject: [PATCH] Use secure port for mouse socket connection --- .gitignore | 3 +- .../webos/WebOSTVMouseSocketConnection.java | 23 +++++--- .../webos/WebOSTVServiceSocketClient.java | 50 +--------------- .../service/webos/WebOSTVTrustManager.java | 59 +++++++++++++++++++ 4 files changed, 77 insertions(+), 58 deletions(-) create mode 100644 src/com/connectsdk/service/webos/WebOSTVTrustManager.java diff --git a/.gitignore b/.gitignore index 0e69a217..8b0eba31 100644 --- a/.gitignore +++ b/.gitignore @@ -26,6 +26,7 @@ local.properties *.launch .cproject .buildpath +.idea/ *.DS_Store bin/jarlist.cache -test/test-reports/ \ No newline at end of file +test/test-reports/ diff --git a/src/com/connectsdk/service/webos/WebOSTVMouseSocketConnection.java b/src/com/connectsdk/service/webos/WebOSTVMouseSocketConnection.java index f1d33b44..d9ac1827 100644 --- a/src/com/connectsdk/service/webos/WebOSTVMouseSocketConnection.java +++ b/src/com/connectsdk/service/webos/WebOSTVMouseSocketConnection.java @@ -37,6 +37,7 @@ public interface WebOSTVMouseSocketListener { WebSocketClient ws; String socketPath; WebOSTVMouseSocketListener listener; + WebOSTVTrustManager customTrustManager; public enum ButtonType { HOME, @@ -50,14 +51,8 @@ public enum ButtonType { public WebOSTVMouseSocketConnection(String socketPath, WebOSTVMouseSocketListener listener) { Log.d("PtrAndKeyboardFragment", "got socketPath: " + socketPath); - this.listener = listener; - - if (socketPath.startsWith("wss:")) { - this.socketPath = socketPath.replace("wss:", "ws:").replace(":3001/", ":3000/"); // downgrade to plaintext - Log.d("PtrAndKeyboardFragment", "downgraded socketPath: " + this.socketPath); - } - else - this.socketPath = socketPath; + this.listener = listener; + this.socketPath = socketPath; try { URI uri = new URI(this.socketPath); @@ -96,6 +91,18 @@ public void onClose(int arg0, String arg1, boolean arg2) { } }; + try { + SSLContext sslContext = SSLContext.getInstance("TLS"); + customTrustManager = new WebOSTVTrustManager(); + sslContext.init(null, new WebOSTVTrustManager[] {customTrustManager}, null); + WebSocketClient.WebSocketClientFactory fac = new DefaultSSLWebSocketClientFactory(sslContext); + ws.setWebSocketFactory(fac); + } catch (KeyException e) { + e.printStackTrace(); + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } + ws.connect(); } diff --git a/src/com/connectsdk/service/webos/WebOSTVServiceSocketClient.java b/src/com/connectsdk/service/webos/WebOSTVServiceSocketClient.java index 14e83f6e..dfba3222 100644 --- a/src/com/connectsdk/service/webos/WebOSTVServiceSocketClient.java +++ b/src/com/connectsdk/service/webos/WebOSTVServiceSocketClient.java @@ -69,10 +69,10 @@ public enum State { WebOSTVServiceSocketClientListener mListener; WebOSTVService mService; + WebOSTVTrustManager customTrustManager; int nextRequestId = 1; - TrustManager customTrustManager; State state = State.INITIAL; JSONObject manifest; @@ -816,54 +816,6 @@ public static boolean isInteger(String s) { return true; } - class TrustManager implements X509TrustManager { - X509Certificate expectedCert; - X509Certificate lastCheckedCert; - - public void setExpectedCertificate(X509Certificate cert) { - this.expectedCert = cert; - } - - public X509Certificate getLastCheckedCertificate () { - return lastCheckedCert; - } - - @Override - public void checkClientTrusted(X509Certificate[] chain, String authType) - throws CertificateException { - } - - @Override - public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { - Log.d(Util.T, "Expecting device cert " + (expectedCert != null ? expectedCert.getSubjectDN() : "(any)")); - - if (chain != null && chain.length > 0) { - X509Certificate cert = chain[0]; - - lastCheckedCert = cert; - - if (expectedCert != null) { - byte [] certBytes = cert.getEncoded(); - byte [] expectedCertBytes = expectedCert.getEncoded(); - - Log.d(Util.T, "Device presented cert " + cert.getSubjectDN()); - - if (!Arrays.equals(certBytes, expectedCertBytes)) { - throw new CertificateException("certificate does not match"); - } - } - } else { - lastCheckedCert = null; - throw new CertificateException("no server certificate"); - } - } - - @Override - public X509Certificate[] getAcceptedIssuers() { - return new X509Certificate[0]; - } - } - public interface WebOSTVServiceSocketClientListener { public void onConnect(); diff --git a/src/com/connectsdk/service/webos/WebOSTVTrustManager.java b/src/com/connectsdk/service/webos/WebOSTVTrustManager.java new file mode 100644 index 00000000..a8e84b62 --- /dev/null +++ b/src/com/connectsdk/service/webos/WebOSTVTrustManager.java @@ -0,0 +1,59 @@ +package com.connectsdk.service.webos; + +import android.util.Log; + +import com.connectsdk.core.Util; + +import javax.net.ssl.X509TrustManager; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; + +import java.util.Arrays; + +public class WebOSTVTrustManager implements X509TrustManager { + X509Certificate expectedCert; + X509Certificate lastCheckedCert; + + public void setExpectedCertificate(X509Certificate cert) { + this.expectedCert = cert; + } + + public X509Certificate getLastCheckedCertificate () { + return lastCheckedCert; + } + + @Override + public void checkClientTrusted(X509Certificate[] chain, String authType) + throws CertificateException { + } + + @Override + public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { + Log.d(Util.T, "Expecting device cert " + (expectedCert != null ? expectedCert.getSubjectDN() : "(any)")); + + if (chain != null && chain.length > 0) { + X509Certificate cert = chain[0]; + + lastCheckedCert = cert; + + if (expectedCert != null) { + byte [] certBytes = cert.getEncoded(); + byte [] expectedCertBytes = expectedCert.getEncoded(); + + Log.d(Util.T, "Device presented cert " + cert.getSubjectDN()); + + if (!Arrays.equals(certBytes, expectedCertBytes)) { + throw new CertificateException("certificate does not match"); + } + } + } else { + lastCheckedCert = null; + throw new CertificateException("no server certificate"); + } + } + + @Override + public X509Certificate[] getAcceptedIssuers() { + return new X509Certificate[0]; + } +} \ No newline at end of file