AndroidTacticalAssaultKit-CIV
AndroidTacticalAssaultKit-CIV copied to clipboard
deptofdefense
Crash after invalid cert enrolment
I'm testing ATAK 4.8.1.6 with my own server and I found a bug.
When you logging in ATAK via quick connect, app sends POST request to /Marti/api/tls/signClient?clientUID=yyy&version=xxx and downloading PKCS12 cert bundle. If the client auth certificate doesn't have the "signedCert" alias, the app crashes and will not work at all (to fix this you'll need to clear app's data).
I think it's related to file CertificateSigningOperation.java line 206: certPem=null and it's being saved as null
Crash
2023-02-15 12:55:12.503 20108-20108 AndroidRuntime com.atakmap.app.civ E FATAL EXCEPTION: main Process: com.atakmap.app.civ, PID: 20108 java.lang.NullPointerException: Attempt to invoke virtual method 'void java.security.cert.X509Certificate.checkValidity()' on a null object reference at com.atakmap.net.h.b(SourceFile:723) at com.atakmap.app.f.b(SourceFile:235) at com.atakmap.app.f.a(SourceFile:81) at com.atakmap.app.ATAKActivity$20$1.run(SourceFile:592) at com.atakmap.app.ATAKActivity$3.run(SourceFile:724) at com.atakmap.android.maps.MapActivity$1.run(SourceFile:394) at com.atakmap.android.maps.ad$1.run(SourceFile:275) at com.atakmap.android.maps.ad.b(SourceFile:352) at com.atakmap.android.maps.ad.a(SourceFile:93) at com.atakmap.android.maps.ad$2.run(SourceFile:334) at android.os.Handler.handleCallback(Handler.java:938) at android.os.Handler.dispatchMessage(Handler.java:99) at android.os.Looper.loop(Looper.java:223) at android.app.ActivityThread.main(ActivityThread.java:7656) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:592) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:947)
