From d7483bc9d1811b122673ec09e58b1ce74955e6c2 Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Tue, 3 Dec 2024 01:43:30 +0100
Subject: [PATCH] keep pem headers and footers when parsing vpn credentials

---
 .../base/utils/CredentialsParser.java         |  8 --------
 .../base/utils/CredentialsParserTest.java     | 19 ++++++++++++++-----
 2 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/CredentialsParser.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/CredentialsParser.java
index e02922fc2..a62d548a7 100644
--- a/app/src/main/java/se/leap/bitmaskclient/base/utils/CredentialsParser.java
+++ b/app/src/main/java/se/leap/bitmaskclient/base/utils/CredentialsParser.java
@@ -30,22 +30,14 @@ public class CredentialsParser {
                             switch (currentTag) {
                                 case "ca" -> {
                                     ca = parser.getText();
-                                    ca = ca.replaceAll("-----BEGIN CERTIFICATE-----", "");
-                                    ca = ca.replaceAll("-----END CERTIFICATE-----", "");
                                     ca = ca.trim();
                                 }
                                 case "key" -> {
                                     key = parser.getText();
-                                    key = key.replaceAll("-----BEGIN PRIVATE KEY-----", "");
-                                    key = key.replaceAll("-----BEGIN RSA PRIVATE KEY-----", "");
-                                    key = key.replaceAll("-----END PRIVATE KEY-----", "");
-                                    key = key.replaceAll("-----END RSA PRIVATE KEY-----", "");
                                     key = key.trim();
                                 }
                                 case "cert" -> {
                                     cert = parser.getText();
-                                    cert = cert.replaceAll("-----BEGIN CERTIFICATE-----", "");
-                                    cert = cert.replaceAll("-----END CERTIFICATE-----", "");
                                     cert = cert.trim();
                                 }
                             }
diff --git a/app/src/test/java/se/leap/bitmaskclient/base/utils/CredentialsParserTest.java b/app/src/test/java/se/leap/bitmaskclient/base/utils/CredentialsParserTest.java
index c8bfd21f3..55a9e94f8 100644
--- a/app/src/test/java/se/leap/bitmaskclient/base/utils/CredentialsParserTest.java
+++ b/app/src/test/java/se/leap/bitmaskclient/base/utils/CredentialsParserTest.java
@@ -24,8 +24,13 @@ public class CredentialsParserTest {
         String ed25519_creds = TestSetupHelper.getInputAsString(getClass().getClassLoader().getResourceAsStream("ed25519_credentials.pem"));
         Provider provider = new Provider("https://demo.bitmask.net");
         CredentialsParser.parseXml(ed25519_creds, provider);
-        assertEquals("MC4CAQAwBQYDK2VwBCIEIF+HZvpSdhnTbYeT635bT2+IU4FbW3EWlHuUnXvhb10m", provider.getPrivateKeyString());
-        assertEquals("MIIBgzCCASigAwIBAgIRALD3Z4SsobpcU7tcC0r9JOQwCgYIKoZIzj0EAwIwNzE1\n" +
+        assertEquals(
+                "-----BEGIN PRIVATE KEY-----\n" +
+                "MC4CAQAwBQYDK2VwBCIEIF+HZvpSdhnTbYeT635bT2+IU4FbW3EWlHuUnXvhb10m\n" +
+                "-----END PRIVATE KEY-----", provider.getPrivateKeyString());
+        assertEquals(
+                "-----BEGIN CERTIFICATE-----\n" +
+                "MIIBgzCCASigAwIBAgIRALD3Z4SsobpcU7tcC0r9JOQwCgYIKoZIzj0EAwIwNzE1\n" +
                 "MDMGA1UEAwwsUHJvdmlkZXIgUm9vdCBDQSAoY2xpZW50IGNlcnRpZmljYXRlcyBv\n" +
                 "bmx5ISkwHhcNMjQxMTA1MTU0MjU0WhcNMjQxMTI5MTU0MjU0WjAUMRIwEAYDVQQD\n" +
                 "EwlVTkxJTUlURUQwKjAFBgMrZXADIQC5QkZAcpkQ3Rm54gN5iLEU1Zp1w+patXVT\n" +
@@ -33,8 +38,11 @@ public class CredentialsParserTest {
                 "MB0GA1UdDgQWBBRMxeMW4vqGK7FBkDt2+8upfkK1kzAfBgNVHSMEGDAWgBS0pVQs\n" +
                 "1wnvNYG0AnmkxUcLOw+BLDAKBggqhkjOPQQDAgNJADBGAiEAg112+zWMm9qrPTvK\n" +
                 "99IMa+wbeNzZLSoN9xewf5rxOX0CIQCvMi08JcajsAJ9Dg6YAQgpmFdb35HDCzve\n" +
-                "lhkTCWJpgQ==", provider.getVpnCertificate());
-        assertEquals("MIIBozCCAUigAwIBAgIBATAKBggqhkjOPQQDAjA3MTUwMwYDVQQDDCxQcm92aWRl\n" +
+                "lhkTCWJpgQ==\n" +
+                "-----END CERTIFICATE-----", provider.getVpnCertificate());
+        assertEquals(
+                "-----BEGIN CERTIFICATE-----\n" +
+                "MIIBozCCAUigAwIBAgIBATAKBggqhkjOPQQDAjA3MTUwMwYDVQQDDCxQcm92aWRl\n" +
                 "ciBSb290IENBIChjbGllbnQgY2VydGlmaWNhdGVzIG9ubHkhKTAeFw0yNDEwMjMx\n" +
                 "MjA0MjRaFw0yOTEwMjMxMjA5MjRaMDcxNTAzBgNVBAMMLFByb3ZpZGVyIFJvb3Qg\n" +
                 "Q0EgKGNsaWVudCBjZXJ0aWZpY2F0ZXMgb25seSEpMFkwEwYHKoZIzj0CAQYIKoZI\n" +
@@ -42,7 +50,8 @@ public class CredentialsParserTest {
                 "eXCHVGjS2Z+jpyI1u9ic3igThsKEmdZMSKNFMEMwDgYDVR0PAQH/BAQDAgKkMBIG\n" +
                 "A1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYEFLSlVCzXCe81gbQCeaTFRws7D4Es\n" +
                 "MAoGCCqGSM49BAMCA0kAMEYCIQCw88nXg/vs/KgGqH1uPs9oZkOxucVn/ZEznYzg\n" +
-                "szLhtAIhAPY32oHwmj3yHO9H2Jp7x0CoHuu1fKd9fQTBvEEbi7o9", provider.getCaCert());
+                "szLhtAIhAPY32oHwmj3yHO9H2Jp7x0CoHuu1fKd9fQTBvEEbi7o9\n" +
+                "-----END CERTIFICATE-----", provider.getCaCert());
     }
 
 }
-- 
GitLab