Continuous request of certificate verification
Closed this issue · 6 comments
Reference: bitfireAT/davx5-ose#411
I think the issue might come from the saving of the certificate in CustomCertStore
. We are never saving the updates from the Keystore object to the file. The only time we really save the changes is in clearUserDecisions
:
We should also save in
cert4android/lib/src/main/java/at/bitfire/cert4android/CustomCertStore.kt
Lines 142 to 149 in d6fd798
cert4android/lib/src/main/java/at/bitfire/cert4android/CustomCertStore.kt
Lines 149 to 156 in d6fd798
To reproduce:
- Launch the sample app.
- Trust a certificate
- Try to trust again, it's already been trusted
- Close the app (also from recents just in case)
- Open the app again
- The certificate can be trusted again, changes are not persisted.
Haha nice, thanks for the report. So: core functionality broken. Could be time for some tests ^^
Yup, quite a serious bug 😅
At least easy to fix :)
Maybe we want to add a test for this, I've tested this and it detects the issue on the main branch:
@Test
fun testPersistingChanges() {
addTrustedCertificate()
// Dispose the keystore - load keystore again
certManager.certStore.loadUserKeyStore()
// Check it has been trusted
certManager.checkServerTrusted(siteCerts!!.toTypedArray(), "RSA")
}
However, it needs to expose certStore
and loadUserKeyStore
through the VisibleForTesting
annotation.
See 3110633