Lab 08. Secure Protocols

Task 1 - Fetch web page through HTTPS (3p)

Create an application that downloads a web page through HTTPS. The activity includes an EditText, a Button and a TextView. The user introduces an URL and clicks on the button to obtain the contents of the web page.

Steps:

  • When the Button is clicked, check network connectivity through the ConnectivityManager
  • Then, perform network operations in an AsyncTask
  • Use HttpsURLConnection for performing HTTPS GET requests
  • Get associated InputStream for receiving the reply
  • The reply is displayed in the TextView

Hint: See task 1 from lab 3 and adapt it to use HttpsURLConnection.

Test using different HTTPS URLS (e.q. https://www.google.com/). Then test with different subdomains from https://badssl.com/ (with valid and invalid certificates).

Resources:

Task 2 - Display system trust store (3p)

The Android system includes a system (default) trust store, which includes a list of trusted Certificate Authorities (CAs).

Modify the previous application in order to display the system trust store using TrustManager.

Steps:

  • Obtain an instance of TrustManagerFactory and initialize it
  • Obtain an instance of the first TrustManager (X509TrustManager)
  • Display information about each trust anchor (X509Certificate)

Resources:

Task 3 - Use a custom trust store (4p)

The previous application will not be able to fetch web pages on a server with a certificate that is issued by an unknown CA. For example: https://untrusted-root.badssl.com/, which uses certificate which is not trusted by Android by default. Extend the application in order to be able to access this URL, by loading and using a custom trust store.

Steps:

  • Save website certificate from your browser
  • Put the certificate in res/raw/
  • Load trusted CAs from file
  • Create a KeyStore object and insert the trusted CAs
  • Obtain an instance of TrustManagerFactory and initialize it
  • Obtain an instance of SSLContext and initialize it
  • Create an URL object
  • Obtain an HttpsURLConnection
  • Configure the HttpsURLConnection to use the SocketFactory from the SSLContext
  • Read from an InputStream

Resources:

smd/laboratoare/old/08.txt ยท Last modified: 2019/03/06 15:02 by adriana.draghici
CC Attribution-Share Alike 3.0 Unported
www.chimeric.de Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0