Connecting to a server with TLS Client Authentication crashes app

[rohm1]

Steps To Reproduce

#582 has been closed as it concerns the old app. New issue for the new kotlin app

Expected Result

Connecting to a server with TLS client authentication crashes the app

Actual Result

Connecting to a server with TLS client authentication should work

Screenshots or Videos

No response

Additional Context

No response

Build Version

2024.11.1

What server are you connecting to?

Self-host

Self-host Server Version

Vaultwarden 1.32.5

Environment Details

No response

Issue Tracking Info

• I understand that work is tracked outside of Github. A PR will be linked to this issue should one be opened to address it, but Bitwarden doesn't use fields like "assigned", "milestone", or "project" to track progress.

[bitwarden-bot]

Thank you for your report! We've added this to our internal board for review.
ID: PM-15537

[rohm1]

I have already started working on this. At first I discovered the SDK and started working my way inside it. Then I wanted to test the new SDK within the app but I was still having issues, only to see that the app is using a network provider. I have now started to patch the network provider, but I was wondering when is the SDK provider used. Can somebody familiar with the app help me with that?

Depending on when are the network and SDK provider used, I think we could implement the certificates differently. In case only the network provider is used, it would be a better user experience to import the certificates in Android and load the certificates from the Android trust store in the app. In case both the network and SDK provider are used, we would need to allow the user to select their certificates inside the app, as the SDK cannot use the Android trust store (at least not that I know of).

[vvolkgang]

@rohm1 We won't be using the SDK for network calls for now. I've not looked into this yet, based on @oguzhane's work in the legacy codebase, I assumed we would have to support both approaches: bitwarden/mobile#2629

[Daniel-dev22]

@vvolkgang

This might be helpful. Home Assistant another open source project uses MTLs in their iOS app written in swift and android written on kotlin.

Here's a link to the repos you can have a look around them to see how their implementing MTLs and hopefully that helps ease implementing in the bitwarden apps.

Android
https://github.com/home-assistant/android/blob/3833e73dfeb42ba9fa336d4d1cc5bc22941bb7e8/common/src/main/java/io/homeassistant/companion/android/common/data/TLSHelper.kt#L29

iOS
https://github.com/home-assistant/iOS/blob/20a59306e20959d955e3bb0111132a00e0dcd016/Sources/App/Onboarding/API/Steps/OnboardingAuthStepConnectivity.swift#L87

[Daniel-dev22]

@rohm1 Let us know if you need any testers. I'm willing to test it out.

[rohm1]

@Daniel-dev22 Thanks for the links. I opened a PR: #4486
I did not follow the complete HA implementation, I explain why in the PR. Let me know if it works for you!