Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
Highlighted
Contributor
Posts: 11
Registered: ‎03-04-2014
My Device: 9900
My Carrier: Vodafone

Certificate pinning 7.1 bouncy castle light weight api

Hello,

 

I am trying to implement certificate pinning in blackberry 7.1 OS using JAVA.

I did not find any relevant classes that return the certificate information (specifically the fingerprint SHA) to implement pinning with HttpsConnection.

 

However, if I use the lightweight bouncycastle. it returns me the fingerprint of certificate. But once certificate information has been retrieved how do i further send and get the https data. This option is bouncy castle can be achieved with socketconnection. Hence i am trying to implement https over socket.

 

Below is the code;

 

 

SocketConnection soc = null;
TlsClientProtocol h = null;

soc = (SocketConnection) Connector.open("socket://" + hostPort + ";deviceside=true;interface=wifi");

OutputStream os=soc.openOutputStream();

InputStream is=soc.openInputStream();

h = new TlsClientProtocol(is, os);

DefaultTlsClient client1 = new DefaultTlsClient( ) ;

h.connect(client1);

 

DataOutputStream dos1 = new DataOutputStream(h.getOutputStream());

dos1.write("POST /test/ HTTP/1.0\r\n".getBytes());
dos1.write(("Content-Length: "+"0"+" \r\n").getBytes());
dos1.write("Content-Type: application/x-www-form-urlencoded\r\n".getBytes());
dos1.write("\r\n".getBytes());
dos1.flush();

 

InputStream input = s.getInputStream();
DataInputStream input = new DataInputStream(protocol.getInputStream()); // here IO closed error occurs

 

 

I get an error that input stream is closed. How do i pass and get data from server for certificate validation?

 

Help appreciated.