Android Platform Support #144

Closed
wants to merge 2 commits into from

@jruesga jruesga commented Oct 13, 2024

The implementation relies on JNI to access the Android KeyStore and obtain a list of trusted certificates. The code:

  • Obtains and attaches a previously created JVM instance.
  • Uses JNI calls to access java.lang.Keystore and get the list of trusted certificates:

```java
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Enumeration;

KeyStore ks = KeyStore.getInstance("AndroidCAStore");
ks.load(null);
Enumeration<String> enumeration = ks.aliases();
while (enumeration.hasMoreElements()) {
    // aliases() yields alias names, so each certificate is looked up by its alias
    Certificate certificate = ks.getCertificate(enumeration.nextElement());
    byte[] der = certificate.getEncoded();
}
```

  • Maps any DER certificate and errors to a CertificateResult.

Related to #3

There are GitHub Actions Android workflows included (both passing https://github.com/jruesga/rustls-native-certs/actions):

  • rustls: it compiles the code for each Android ABI
  • smoke-test: runs Android instrumentation tests for compare_mozilla.rs and smoketests.rs.
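
The enumeration and error-mapping steps listed in the description, written out in plain Java as an added example (not code from the pull request): each alias is handled on its own, so one unreadable entry is recorded instead of aborting the whole load. `AndroidRoots`, `LoadResult` and `loadTrustedCerts` are hypothetical names standing in for the Rust-side CertificateResult; the JVM attachment step is not shown.

```java
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;

public final class AndroidRoots {
    /** Hypothetical result holder: DER blobs plus per-entry error messages. */
    public static final class LoadResult {
        public final List<byte[]> certs = new ArrayList<>();
        public final List<String> errors = new ArrayList<>();
    }

    /** Collects every readable trust anchor; failures are recorded, not thrown. */
    public static LoadResult loadTrustedCerts() {
        LoadResult result = new LoadResult();
        KeyStore ks;
        Enumeration<String> aliases;
        try {
            ks = KeyStore.getInstance("AndroidCAStore");
            ks.load(null); // no stream or password: the store is provided by the platform
            aliases = ks.aliases();
        } catch (Exception e) {
            // Store unavailable: return an empty list with the reason attached.
            result.errors.add("open AndroidCAStore: " + e);
            return result;
        }
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            try {
                Certificate cert = ks.getCertificate(alias);
                if (cert == null) { // alias without a certificate entry
                    result.errors.add(alias + ": no certificate");
                    continue;
                }
                result.certs.add(cert.getEncoded()); // DER bytes for the Rust side
            } catch (KeyStoreException | CertificateEncodingException e) {
                result.errors.add(alias + ": " + e);
            }
        }
        return result;
    }
}
```

A caller that gets back an empty `certs` list should fail TLS setup and surface `errors` rather than continue with no trust anchors.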

The implementation relies on JNI to access the Android KeyStore and
obtain a list of trusted certificates. The code:

- Obtains and attaches a previously created JVM instance.
- Uses JNI calls to access java.lang.Keystore and get the list of
  trusted certificates

```java
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Enumeration;

KeyStore ks = KeyStore.getInstance("AndroidCAStore");
ks.load(null);
Enumeration<String> enumeration = ks.aliases();
while (enumeration.hasMoreElements()) {
    // aliases() yields alias names, so each certificate is looked up by its alias
    Certificate certificate = ks.getCertificate(enumeration.nextElement());
    byte[] der = certificate.getEncoded();
}
```
- Maps any DER certificate and errors to a CertificateResult.

Signed-off-by: Jorge Ruesga <jorge@ruesga.com>

djc (Member) commented Oct 13, 2024

Is there a reason you can't use the rustls-platform-verifier crate? It is currently the preferred way, see the current README.

jruesga (Author) commented Oct 13, 2024

No. I read the README and understood that rustls-platform-verifier is the preferred way onwards. Just wanted to contribute it.

Signed-off-by: Jorge Ruesga <jorge@ruesga.com>

djc (Member) commented Oct 13, 2024

So why do you want to contribute it? Does rustls-platform-verifier not work for your use case?

jruesga (Author) commented Oct 13, 2024

Yes, it does. Just learning new stuff. You can close the pull request. I understand that rustls-platform-verifier is the path forward.

@djc djc closed this Oct 13, 2024