Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Posts: 11
Registered: ‎03-04-2014
My Device: 9900
My Carrier: Vodafone

Certificate pinning 7.1 bouncy castle light weight api



I am trying to implement certificate pinning in blackberry 7.1 OS using JAVA.

I did not find any relevant classes that return the certificate information (specifically the fingerprint SHA) to implement pinning with HttpsConnection.


However, if I use the lightweight bouncycastle. it returns me the fingerprint of certificate. But once certificate information has been retrieved how do i further send and get the https data. This option is bouncy castle can be achieved with socketconnection. Hence i am trying to implement https over socket.


Below is the code;



SocketConnection soc = null;
TlsClientProtocol h = null;

soc = (SocketConnection) Connector.open("socket://" + hostPort + ";deviceside=true;interface=wifi");

OutputStream os=soc.openOutputStream();

InputStream is=soc.openInputStream();

h = new TlsClientProtocol(is, os);

DefaultTlsClient client1 = new DefaultTlsClient( ) ;



DataOutputStream dos1 = new DataOutputStream(h.getOutputStream());

dos1.write("POST /test/ HTTP/1.0\r\n".getBytes());
dos1.write(("Content-Length: "+"0"+" \r\n").getBytes());
dos1.write("Content-Type: application/x-www-form-urlencoded\r\n".getBytes());


InputStream input = s.getInputStream();
DataInputStream input = new DataInputStream(protocol.getInputStream()); // here IO closed error occurs



I get an error that input stream is closed. How do i pass and get data from server for certificate validation?


Help appreciated.