3 files changed, 106 insertions, 17 deletions

diff --git a/src/frontends/android/res/menu/certificates.xml b/src/frontends/android/res/menu/certificates.xml
index c735e0c70..6066cab60 100644
--- a/src/frontends/android/res/menu/certificates.xml
+++ b/src/frontends/android/res/menu/certificates.xml
@@ -16,6 +16,11 @@
 <menu xmlns:android="http://schemas.android.com/apk/res/android" >
 
     <item
+        android:id="@+id/menu_import_certificate"
+        android:title="@string/import_certificate"
+        android:showAsAction="withText" />
+
+    <item
         android:id="@+id/menu_reload_certs"
         android:title="@string/reload_trusted_certs"
         android:showAsAction="withText" />
diff --git a/src/frontends/android/src/org/strongswan/android/ui/TrustedCertificateImportActivity.java b/src/frontends/android/src/org/strongswan/android/ui/TrustedCertificateImportActivity.java
index 663c414e2..f8a9438b6 100644
--- a/src/frontends/android/src/org/strongswan/android/ui/TrustedCertificateImportActivity.java
+++ b/src/frontends/android/src/org/strongswan/android/ui/TrustedCertificateImportActivity.java
@@ -23,13 +23,27 @@ import java.security.cert.X509Certificate;
 import org.strongswan.android.R;
 import org.strongswan.android.logic.TrustedCertificateManager;
 
+import android.annotation.TargetApi;
 import android.app.Activity;
 import android.content.Intent;
+import android.net.Uri;
+import android.os.Build;
 import android.os.Bundle;
 import android.widget.Toast;
 
 public class TrustedCertificateImportActivity extends Activity
 {
+	private static final int OPEN_DOCUMENT = 0;
+
+	/* same as those listed in the manifest */
+	private static final String[] ACCEPTED_MIME_TYPES = {
+														 "application/x-x509-ca-cert",
+														 "application/x-x509-server-cert",
+														 "application/x-pem-file",
+														 "application/pkix-cert"
+	};
+
+	@TargetApi(Build.VERSION_CODES.KITKAT)
 	@Override
 	public void onCreate(Bundle savedInstanceState)
 	{
@@ -39,24 +53,63 @@ public class TrustedCertificateImportActivity extends Activity
 		String action = intent.getAction();
 		if (Intent.ACTION_VIEW.equals(action))
 		{
-			try
-			{
-				CertificateFactory factory = CertificateFactory.getInstance("X.509");
-				InputStream in = getContentResolver().openInputStream(intent.getData());
-				X509Certificate certificate = (X509Certificate)factory.generateCertificate(in);
-				/* we don't check whether it's actually a CA certificate or not */
-				KeyStore store = KeyStore.getInstance("LocalCertificateStore");
-				store.load(null, null);
-				store.setCertificateEntry(null, certificate);
-				TrustedCertificateManager.getInstance().reset();
-				Toast.makeText(this, R.string.cert_imported_successfully, Toast.LENGTH_LONG).show();
-			}
-			catch (Exception e)
-			{
-				Toast.makeText(this, R.string.cert_import_failed, Toast.LENGTH_LONG).show();
-				e.printStackTrace();
-			}
+			importCertificate(intent.getData());
+		}
+		else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT)
+		{
+			Intent openIntent = new Intent(Intent.ACTION_OPEN_DOCUMENT);
+			openIntent.setType("*/*");
+			openIntent.putExtra(Intent.EXTRA_MIME_TYPES, ACCEPTED_MIME_TYPES);
+			startActivityForResult(openIntent, OPEN_DOCUMENT);
+			return;
 		}
 		finish();
 	}
+
+	@Override
+	protected void onActivityResult(int requestCode, int resultCode, Intent data)
+	{
+		switch (requestCode)
+		{
+			case OPEN_DOCUMENT:
+				if (resultCode == Activity.RESULT_OK && data != null)
+				{
+					if (importCertificate(data.getData()))
+					{
+						setResult(Activity.RESULT_OK);
+					}
+				}
+				finish();
+				return;
+		}
+		super.onActivityResult(requestCode, resultCode, data);
+	}
+
+	/**
+	 * Try to import the file pointed to by the given URI as a certificate.
+	 * @param uri
+	 * @return whether the import was successful
+	 */
+	private boolean importCertificate(Uri uri)
+	{
+		try
+		{
+			CertificateFactory factory = CertificateFactory.getInstance("X.509");
+			InputStream in = getContentResolver().openInputStream(uri);
+			X509Certificate certificate = (X509Certificate)factory.generateCertificate(in);
+			/* we don't check whether it's actually a CA certificate or not */
+			KeyStore store = KeyStore.getInstance("LocalCertificateStore");
+			store.load(null, null);
+			store.setCertificateEntry(null, certificate);
+			TrustedCertificateManager.getInstance().reset();
+			Toast.makeText(this, R.string.cert_imported_successfully, Toast.LENGTH_LONG).show();
+			return true;
+		}
+		catch (Exception e)
+		{
+			Toast.makeText(this, R.string.cert_import_failed, Toast.LENGTH_LONG).show();
+			e.printStackTrace();
+		}
+		return false;
+	}
 }
diff --git a/src/frontends/android/src/org/strongswan/android/ui/TrustedCertificatesActivity.java b/src/frontends/android/src/org/strongswan/android/ui/TrustedCertificatesActivity.java
index 1211ef545..663950c16 100644
--- a/src/frontends/android/src/org/strongswan/android/ui/TrustedCertificatesActivity.java
+++ b/src/frontends/android/src/org/strongswan/android/ui/TrustedCertificatesActivity.java
@@ -30,6 +30,7 @@ import android.app.Activity;
 import android.app.Fragment;
 import android.app.FragmentTransaction;
 import android.content.Intent;
+import android.os.Build;
 import android.os.Bundle;
 import android.view.Menu;
 import android.view.MenuItem;
@@ -38,6 +39,7 @@ public class TrustedCertificatesActivity extends Activity implements TrustedCert
 {
 	public static final String SELECT_CERTIFICATE = "org.strongswan.android.action.SELECT_CERTIFICATE";
 	private static final String DIALOG_TAG = "Dialog";
+	private static final int IMPORT_CERTIFICATE = 0;
 	private boolean mSelect;
 
 	@Override
@@ -92,6 +94,16 @@ public class TrustedCertificatesActivity extends Activity implements TrustedCert
 	}
 
 	@Override
+	public boolean onPrepareOptionsMenu(Menu menu)
+	{
+		if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT)
+		{
+			menu.removeItem(R.id.menu_import_certificate);
+		}
+		return true;
+	}
+
+	@Override
 	public boolean onOptionsItemSelected(MenuItem item)
 	{
 		switch (item.getItemId())
@@ -102,11 +114,30 @@ public class TrustedCertificatesActivity extends Activity implements TrustedCert
 			case R.id.menu_reload_certs:
 				reloadCertificates();
 				return true;
+			case R.id.menu_import_certificate:
+				Intent intent = new Intent(this, TrustedCertificateImportActivity.class);
+				startActivityForResult(intent, IMPORT_CERTIFICATE);
+				return true;
 		}
 		return super.onOptionsItemSelected(item);
 	}
 
 	@Override
+	protected void onActivityResult(int requestCode, int resultCode, Intent data)
+	{
+		switch (requestCode)
+		{
+			case IMPORT_CERTIFICATE:
+				if (resultCode == Activity.RESULT_OK)
+				{
+					reloadCertificates();
+				}
+				return;
+		}
+		super.onActivityResult(requestCode, resultCode, data);
+	}
+
+	@Override
 	public void onTrustedCertificateSelected(TrustedCertificateEntry selected)
 	{
 		if (mSelect)