cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

restore pinning for hkps.pool.sks-keyservers.net only (it won't work without)

Browse Source
This commit is contained in:
Vincent Breitmoser
2021-01-29 13:02:42 +01:00
parent 1034b8b99c
commit 1af70961aa
4 changed files with 184 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java
View File

@@ -30,6 +30,7 @@ import android.os.Build;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.sufficientlysecure.keychain.keysync.KeyserverSyncManager;
import org.sufficientlysecure.keychain.network.TlsCertificatePinning;
import org.sufficientlysecure.keychain.provider.TemporaryFileProvider;
import org.sufficientlysecure.keychain.util.PRNGFixes;
import org.sufficientlysecure.keychain.util.Preferences;
@@ -87,6 +88,8 @@ public class KeychainApplication extends Application {
// Upgrade preferences as needed
preferences.upgradePreferences();
TlsCertificatePinning.addPinnedCertificate("hkps.pool.sks-keyservers.net", getAssets(), "hkps.pool.sks-keyservers.net.CA.cer");
// only set up the rest on our main process
if (!BuildConfig.APPLICATION_ID.equals(getProcessName())) {
return;