On Thu, Jul 21, 2016, at 10:16, Hans-Christoph Steiner wrote:
> do you think there would be a way to dynamically add supported CAs using
> this API?

The native Android 7.0 implementation does not support this.

This backport could, at least in theory. I would need to make the
ConfigSource version of withConfig() on TrustManagerBuilder public,
which is not a big deal. And, you would have to implement a ConfigSource
that implements your rules, and that may be tricky, given that I've
never done it. I have relied on the AOSP ConfigSource implementations
(XmlConfigSource and ManifestConfigSource) and have not looked into how
easy or difficult it is to create a new one. There are 3+
implementations in the AOSP code IIRC, so it's probably reasonably
flexible.

TrustManagerBuilder also supports blending in arbitrary X509TrustManager
implementations, using boolean operators. That's how NetCipher should be
able to be connected in. I plan on testing that once new NetCipher
artifacts are published (hint, hint :-).

I have some code in the old TrustManagerBuilder (back in CWAC-Security)
that implemented custom certificate/CA support TrustManagers. I didn't
carry that forward, figuring that the AOSP code was probably more
robust. If needed, I could always bring that code back from the dead.

> Taking F-Droid or ChatSecure as an example: someone uses their own
> server, when the new server is added to the app, can the app then do a
> TOFU trust of the CA used for that server using this API?

TOFU implies certificate memorization, not CA configuration, at least in
terms of how I think of it. CA configuration would require that the app
have access to the public cert file (PEM, DER). Certificate memorization
with TOFU would not. I have some memorization code, also carried over
from the old TrustManagerBuilder implementation. However, it dawned on
me that this really needs to be a per-domain TOFU, and my implementation
didn't handle that. So, that's still on my to-do list.

The AOSP code does not offer memorization, at least not at present, so
that would be handled purely by TrustManagerBuilder, not the backport.

-- 
Mark Murphy (a Commons Guy)
https://commonsware.com | https://github.com/commonsguy
https://commonsware.com/blog | https://twitter.com/commonsguy
_______________________________________________
List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
To unsubscribe, email:  guardian-dev-unsubscr...@lists.mayfirst.org
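
The distinction drawn in the message above between CA configuration and per-domain certificate memorization, as an added example that is not from the original message, TrustManagerBuilder or AOSP: a TOFU store in plain Java that needs no PEM/DER file and keys what it memorizes by host. The class name PerHostTofuStore and its methods are hypothetical, pins are held in memory only, and how the host name reaches check() is left to the caller.

```java
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Locale;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

/** Hypothetical per-domain TOFU store: memorizes one public-key hash per host. */
public class PerHostTofuStore {
  // host -> SHA-256 of the leaf certificate's encoded public key (SubjectPublicKeyInfo).
  // Assumption: in-memory only; an app would persist this map across launches.
  private final Map<String, byte[]> pins = new ConcurrentHashMap<>();

  /** Call with the chain the server presented for this host during the handshake. */
  public void check(String host, X509Certificate[] chain) throws CertificateException {
    if (host == null || chain == null || chain.length == 0) {
      throw new CertificateException("missing host name or empty certificate chain");
    }
    // An expired or not-yet-valid leaf is rejected even on first use.
    chain[0].checkValidity();

    byte[] seen = keyHash(chain[0]);
    String key = host.toLowerCase(Locale.ROOT);

    // First use for this host: memorize and accept. No CA file is consulted.
    byte[] known = pins.putIfAbsent(key, seen);

    // Later uses: the key must match what was memorized for this same host.
    // A pin stored for one host never vouches for a different host.
    if (known != null && !MessageDigest.isEqual(known, seen)) {
      throw new CertificateException("public key for " + key + " differs from the memorized one");
    }
  }

  /** Explicit, user-approved reset, e.g. after the server operator rotates keys. */
  public void forget(String host) {
    pins.remove(host.toLowerCase(Locale.ROOT));
  }

  static byte[] keyHash(X509Certificate cert) throws CertificateException {
    try {
      return MessageDigest.getInstance("SHA-256").digest(cert.getPublicKey().getEncoded());
    } catch (NoSuchAlgorithmException e) {
      throw new CertificateException(e);
    }
  }
}
```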
