Repair client certificates without password #1264

Author: klassm

app/build-includes/release.gradle

@@ -51,7 +51,6 @@ play {
 }
 
 release {
-    buildTasks = ['generateWhatsNew', 'build', 'uploadToPlayStore', 'githubRelease']
     versionPropertyFile = '../gradle.properties'
     versionProperties = ['version']
     failOnSnapshotDependencies = false
@@ -69,16 +68,18 @@ release {
 
 task releaseBeta {
     play.track = 'beta'
+    release.buildTasks = ['generateWhatsNew', 'build', 'uploadToPlayStore']
     ext.newReleaseVersion = getNextVersion(project) + "-BETA"
 }
+releaseBeta.dependsOn("release")
 
-releaseBeta.dependsOn(release)
 task releaseProd {
     play.track = 'production'
+    release.buildTasks = ['generateWhatsNew', 'build', 'uploadToPlayStore', 'githubRelease']
     ext.newReleaseVersion = getNextVersion(project)
     afterReleaseBuild.dependsOn("resetWhatsNew")
 }
-releaseBeta.dependsOn(release)
+releaseProd.dependsOn("release")
 
 task uploadToPlayStore
 uploadToPlayStore.dependsOn {

app/src/main/java/li/klass/fhem/connection/backend/ssl/MemorizingTrustManagerContextInitializer.kt

@@ -28,7 +28,6 @@ import android.content.Context
 import com.google.common.base.MoreObjects
 import de.duenndns.ssl.MemorizingTrustManager
 import li.klass.fhem.connection.backend.FHEMServerSpec
-import li.klass.fhem.util.CloseableUtil
 import org.slf4j.LoggerFactory
 import java.io.File
 import java.io.FileInputStream
@@ -45,8 +44,8 @@ class MemorizingTrustManagerContextInitializer {
                 val clientCertificate = File(serverSpec.clientCertificatePath)
                 val clientCertificatePassword = serverSpec.clientCertificatePassword
 
-                logger.info("init - client certificate exists=${clientCertificate.exists()}")
-                if (clientCertificate.exists()) {
+                logger.info("init - client certificate exists=${clientCertificate.exists()}, canRead=${clientCertificate.canRead()}")
+                if (clientCertificate.exists() && clientCertificate.canRead()) {
                     val keyStore = loadPKCS12KeyStore(clientCertificate, clientCertificatePassword)
                     val keyManagerFactory = KeyManagerFactory.getInstance("X509")
                     keyManagerFactory.init(keyStore, MoreObjects.firstNonNull(clientCertificatePassword, "").toCharArray())
@@ -68,18 +67,12 @@ class MemorizingTrustManagerContextInitializer {
 
 
     @Throws(Exception::class)
-    private fun loadPKCS12KeyStore(certificateFile: File, clientCertPassword: String?): KeyStore? {
-        val keyStore: KeyStore?
-        var fileInputStream: FileInputStream? = null
-        try {
-            keyStore = KeyStore.getInstance("PKCS12")
-            fileInputStream = FileInputStream(certificateFile)
-            keyStore!!.load(fileInputStream, clientCertPassword!!.toCharArray())
-        } finally {
-            CloseableUtil.close(fileInputStream)
-        }
-        return keyStore
-    }
+    private fun loadPKCS12KeyStore(certificateFile: File, clientCertPassword: String?): KeyStore? =
+            FileInputStream(certificateFile).use {
+                KeyStore.getInstance("PKCS12").apply {
+                    load(it, clientCertPassword?.toCharArray())
+                }
+            }
 
     data class Initialized(val socketFactory: SSLSocketFactory, val hostnameVerifier: HostnameVerifier, val trustManager: X509TrustManager)
 

app/whatsnew-de.md

@@ -1 +1 @@
-TODO
+* Repariere CLient-Zertifikate ohne Passwort

app/whatsnew-en.md

@@ -1 +1 @@
-TODO
+* Repair client certificates without password