-
Notifications
You must be signed in to change notification settings - Fork 175
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New Api to load and verify the ssl certificate #118
Comments
I'm facing the same issue, I'm not able to load the certificate from the Android assets folder through JNI. However loading the certificate during run-time with an absolute path to the certificate in external storage works. |
Hi Chandramohan Sudar, sample code to load the certificate file content /* structure for file data content*/ /* code for reading file content*/ SSLFileContent getCertificateFileContentAndSize(){
} // and to load certificate content into wolfssl context object I added this method in ssl.c and definition in // ssl.h /* CA PEM file for verification, may have multiple/chain certs to process /
#ifdef WOLFSSL_WPAS
#endif
} // you can call for jni code like this wolfSSL_Init();
// this method was added in ssl.c file, above i have mentioned and this will work same as //wolfSSL_CTX_load_verify_locations() function |
Thanks a lot @joicepj11 👍 Were you able to do it from Java? How do you point to the certificate file on the Android assets folder with this method?
I tried to pass the first String argument as mentioned in this SO post.
Also tried without extensions
Also tried to load the certificates from the raw resource directory as mentioned in the Android API documentation here But none of them work. However, using an intent to pick the certificate from external storage and passing its absolute path as the first argument and keeping the second argument as null works! |
Hi @chandruscm and @joicepj11, I wanted to check in and see how things are going with this issue. Please let us know if you have any further issues. Thanks, |
Hi Chris Conlon,
I used your library in android and in this API
WOLFSSL_API int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX*, const char*, const char*);
your calling ProcessFile() method and trying to open file with file name but its failing, due to Android is not allowing to open file but if you can take file descriptor then FOPEN will work or use asset manager in NDK then it will be easily.
example:-
instead of fname, if you had file descriptor it will work in android or you use -DWOLFSSL_JNI flag and ask for AssetManager to process the file from assets directory it will also work.
file = XFOPEN(fname, "rb");
if (file == XBADFILE) return WOLFSSL_BAD_FILE;
if (XFSEEK(file, 0, XSEEK_END) != 0) {
XFCLOSE(file);
return WOLFSSL_BAD_FILE;
}
sz = XFTELL(file);
XREWIND(file);
The text was updated successfully, but these errors were encountered: