Connecting to a server with TLS Client Authentication crashes app #2093

Closed
opened 2025-11-26 23:07:56 -06:00 by GiteaMirror · 6 comments

Originally created by @rohm1 on GitHub (Dec 3, 2024).

Steps To Reproduce

#582 has been closed as it concerns the old app. New issue for the new Kotlin app.

Expected Result

Connecting to a server with TLS client authentication crashes the app

Actual Result

Connecting to a server with TLS client authentication should work

Screenshots or Videos

No response

Additional Context

No response

Build Version

2024.11.1

What server are you connecting to?

Self-host

Self-host Server Version

Vaultwarden 1.32.5

Environment Details

No response

Issue Tracking Info

  • I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.
GiteaMirror added the bug label 2025-11-26 23:07:56 -06:00

@bitwarden-bot commented on GitHub (Dec 3, 2024):

Thank you for your report! We've added this to our internal board for review.
ID: PM-15537


@rohm1 commented on GitHub (Dec 3, 2024):

I have already started working on this. At first I discovered the SDK and started working my way inside it. Then I wanted to test the new SDK within the app but I was still having issues, only to see that the app is using a network provider. I have now started to patch the network provider, but I was wondering when the SDK provider is used. Can somebody familiar with the app help me with that?

Depending on when the network and SDK providers are used, I think we could implement the certificates differently. In case only the network provider is used, it would be a better user experience to import the certificates in Android and load the certificates from the Android trust store in the app. In case both the network and SDK provider are used, we would need to allow the user to select their certificates inside the app, as the SDK cannot use the Android trust store (at least not that I know of).


@vvolkgang commented on GitHub (Dec 5, 2024):

@rohm1 We won't be using the SDK for network calls for now. I've not looked into this yet; based on @oguzhane's work in the legacy codebase, I assumed we would have to support both approaches: https://github.com/bitwarden/mobile/pull/2629


@Daniel-dev22 commented on GitHub (Dec 8, 2024):

@vvolkgang

This might be helpful. Home Assistant, another open source project, uses mTLS in their iOS app, written in Swift, and their Android app, written in Kotlin.

Here are links to the repos; you can have a look around them to see how they're implementing mTLS, and hopefully that helps ease implementing it in the Bitwarden apps.

Android
https://github.com/home-assistant/android/blob/3833e73dfeb42ba9fa336d4d1cc5bc22941bb7e8/common/src/main/java/io/homeassistant/companion/android/common/data/TLSHelper.kt#L29

iOS
https://github.com/home-assistant/iOS/blob/20a59306e20959d955e3bb0111132a00e0dcd016/Sources/App/Onboarding/API/Steps/OnboardingAuthStepConnectivity.swift#L87

@Daniel-dev22 commented on GitHub (Dec 16, 2024):

@rohm1 Let us know if you need any testers. I'm willing to test it out.


@rohm1 commented on GitHub (Dec 17, 2024):

@Daniel-dev22 Thanks for the links. I opened a PR: https://github.com/bitwarden/android/pull/4486
I did not follow the complete HA implementation; I explain why in the PR. Let me know if it works for you!

Reference: github-starred/android#2093