[thirdparty/strongswan.git] / src / frontends / android / app / src / main / java / org / strongswan / android / logic / ManagedUserCertificateManager.java

/*
 * Copyright (C) 2023 Relution GmbH
 *
 * Copyright (C) secunet Security Networks AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

package org.strongswan.android.logic;

import android.app.admin.DevicePolicyManager;
import android.content.Context;
import android.util.Log;

import org.strongswan.android.data.DatabaseHelper;
import org.strongswan.android.data.ManagedConfigurationService;
import org.strongswan.android.data.ManagedUserCertificate;
import org.strongswan.android.data.ManagedUserCertificateRepository;
import org.strongswan.android.utils.Difference;

import java.util.List;

import androidx.annotation.NonNull;
import androidx.core.util.Pair;

public class ManagedUserCertificateManager
{
	private static final String TAG = ManagedUserCertificateManager.class.getSimpleName();

	@NonNull
	private final ManagedUserCertificateRepository certificateRepository;
	@NonNull
	private final ManagedUserCertificateInstaller certificateInstaller;

	public ManagedUserCertificateManager(
		@NonNull final Context context,
		@NonNull final ManagedConfigurationService managedConfigurationService,
		@NonNull final DatabaseHelper databaseHelper)
	{
		final DevicePolicyManager devicePolicyManager = (DevicePolicyManager)context.getSystemService(Context.DEVICE_POLICY_SERVICE);

		this.certificateRepository = new ManagedUserCertificateRepository(managedConfigurationService, devicePolicyManager, databaseHelper);
		this.certificateInstaller = new ManagedUserCertificateInstaller(context);
	}

	public void update()
	{
		final List<ManagedUserCertificate> configured = certificateRepository.getConfiguredCertificates();
		final List<ManagedUserCertificate> installed = certificateRepository.getInstalledCertificates();

		final Difference<ManagedUserCertificate> diff = Difference.between(installed, configured, ManagedUserCertificate::getVpnProfileUuid);
		if (diff.isEmpty())
		{
			Log.d(TAG, "No key pairs changed, nothing to do");
			return;
		}
		Log.d(TAG, "Key pairs changed " + diff);

		for (final ManagedUserCertificate delete : diff.getDeletes())
		{
			remove(delete);
		}

		for (final Pair<ManagedUserCertificate, ManagedUserCertificate> update : diff.getUpdates())
		{
			remove(update.first);
			install(update.second);
		}

		for (final ManagedUserCertificate insert : diff.getInserts())
		{
			install(insert);
		}
	}

	private void install(@NonNull final ManagedUserCertificate userCertificate)
	{
		if (certificateInstaller.tryInstall(userCertificate))
		{
			certificateRepository.addInstalledCertificate(userCertificate);
		}
	}

	private void remove(@NonNull final ManagedUserCertificate userCertificate)
	{
		certificateInstaller.tryRemove(userCertificate);
		certificateRepository.removeInstalledCertificate(userCertificate);
	}
}
Commit	Line	Data
b0ba845e MP	1	/*
	2	* Copyright (C) 2023 Relution GmbH
	3	*
	4	* Copyright (C) secunet Security Networks AG
	5	*
	6	* This program is free software; you can redistribute it and/or modify it
	7	* under the terms of the GNU General Public License as published by the
	8	* Free Software Foundation; either version 2 of the License, or (at your
	9	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	10	*
	11	* This program is distributed in the hope that it will be useful, but
	12	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	13	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	14	* for more details.
	15	*/
	16
	17	package org.strongswan.android.logic;
	18
	19	import android.app.admin.DevicePolicyManager;
	20	import android.content.Context;
	21	import android.util.Log;
	22
	23	import org.strongswan.android.data.DatabaseHelper;
	24	import org.strongswan.android.data.ManagedConfigurationService;
	25	import org.strongswan.android.data.ManagedUserCertificate;
	26	import org.strongswan.android.data.ManagedUserCertificateRepository;
	27	import org.strongswan.android.utils.Difference;
	28
	29	import java.util.List;
	30
	31	import androidx.annotation.NonNull;
	32	import androidx.core.util.Pair;
	33
	34	public class ManagedUserCertificateManager
	35	{
	36	private static final String TAG = ManagedUserCertificateManager.class.getSimpleName();
	37
	38	@NonNull
	39	private final ManagedUserCertificateRepository certificateRepository;
	40	@NonNull
	41	private final ManagedUserCertificateInstaller certificateInstaller;
	42
	43	public ManagedUserCertificateManager(
	44	@NonNull final Context context,
	45	@NonNull final ManagedConfigurationService managedConfigurationService,
	46	@NonNull final DatabaseHelper databaseHelper)
	47	{
	48	final DevicePolicyManager devicePolicyManager = (DevicePolicyManager)context.getSystemService(Context.DEVICE_POLICY_SERVICE);
	49
	50	this.certificateRepository = new ManagedUserCertificateRepository(managedConfigurationService, devicePolicyManager, databaseHelper);
	51	this.certificateInstaller = new ManagedUserCertificateInstaller(context);
	52	}
	53
	54	public void update()
	55	{
	56	final List<ManagedUserCertificate> configured = certificateRepository.getConfiguredCertificates();
	57	final List<ManagedUserCertificate> installed = certificateRepository.getInstalledCertificates();
	58
	59	final Difference<ManagedUserCertificate> diff = Difference.between(installed, configured, ManagedUserCertificate::getVpnProfileUuid);
	60	if (diff.isEmpty())
	61	{
	62	Log.d(TAG, "No key pairs changed, nothing to do");
	63	return;
	64	}
65	Log.d(TAG, "Key pairs changed " + diff);
66
67	for (final ManagedUserCertificate delete : diff.getDeletes())
68	{
69	remove(delete);
70	}
71
72	for (final Pair<ManagedUserCertificate, ManagedUserCertificate> update : diff.getUpdates())
73	{
74	remove(update.first);
75	install(update.second);
76	}
77
78	for (final ManagedUserCertificate insert : diff.getInserts())
79	{
80	install(insert);
81	}
82	}
83
84	private void install(@NonNull final ManagedUserCertificate userCertificate)
85	{
86	if (certificateInstaller.tryInstall(userCertificate))
87	{
88	certificateRepository.addInstalledCertificate(userCertificate);
89	}
90	}
91
92	private void remove(@NonNull final ManagedUserCertificate userCertificate)
93	{
94	certificateInstaller.tryRemove(userCertificate);
95	certificateRepository.removeInstalledCertificate(userCertificate);
96	}
97	}