Always parse certificate subject to extract email addresses

pull/178/head
M66B 4 years ago
parent fe86c5ff45
commit 317221939e

@ -84,7 +84,6 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.security.Principal;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
@ -1101,29 +1100,7 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
}
String fingerprint = EntityCertificate.getFingerprint(cert);
List<String> emails = EntityCertificate.getAltSubjectName(cert);
if (emails.size() == 0) {
Principal principal = cert.getSubjectDN();
if (principal != null) {
String subject = principal.getName();
if (subject != null) {
Log.i("Parsing subject=" + subject);
for (String p : subject.split(",")) {
String[] kv = p.split("=");
if (kv.length == 2) {
String key = kv[0].trim();
String value = kv[1].trim().toLowerCase();
if (Helper.EMAIL_ADDRESS.matcher(value).matches() &&
("CN".equalsIgnoreCase(key) ||
"emailAddress".equalsIgnoreCase(key))) {
if (!emails.contains(value))
emails.add(value);
}
}
}
}
}
}
List<String> emails = EntityCertificate.getEmailAddresses(cert);
if (emails.size() == 0)
throw new IllegalArgumentException("No email address found in key");

@ -32,6 +32,7 @@ import org.json.JSONObject;
import java.io.ByteArrayInputStream;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
@ -118,8 +119,9 @@ public class EntityCertificate {
return certificate.getSubjectX500Principal().getName(X500Principal.RFC2253);
}
static List<String> getAltSubjectName(X509Certificate certificate) {
static List<String> getEmailAddresses(X509Certificate certificate) {
List<String> result = new ArrayList<>();
try {
Collection<List<?>> altNames = certificate.getSubjectAlternativeNames();
if (altNames != null)
@ -129,9 +131,35 @@ public class EntityCertificate {
else
Log.i("Alt type=" + altName.get(0) + " data=" + altName.get(1));
} catch (CertificateParsingException ex) {
Log.w(ex);
Log.e(ex);
}
if (result.size() == 0)
try {
Principal principal = certificate.getSubjectDN();
if (principal != null) {
String subject = principal.getName();
if (subject != null) {
Log.i("Parsing subject=" + subject);
for (String p : subject.split(",")) {
String[] kv = p.split("=");
if (kv.length == 2) {
String key = kv[0].trim();
String value = kv[1].trim().toLowerCase();
if (Helper.EMAIL_ADDRESS.matcher(value).matches() &&
("CN".equalsIgnoreCase(key) ||
"emailAddress".equalsIgnoreCase(key))) {
if (!result.contains(value))
result.add(value);
}
}
}
}
}
} catch (Throwable ex) {
Log.e(ex);
}
return result;
}
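Review bot: The subject fallback in `getEmailAddresses` splits the printed DN on `,` and `=`, which ignores DN escaping, quoting and multi-valued RDNs, so text inside another attribute's value that itself contains a comma can be read as a separate `CN=` or `emailAddress=` pair. Because the returned list feeds the sender comparison and the certificate lookups in FragmentMessages, the addresses should be read from the decoded RDNs rather than from `getSubjectDN().getName()`, whose string format is also implementation-dependent. The sketch below assumes BouncyCastle's X500 classes are available to this class, which the page does not show. It also passes `Locale.ROOT` to `toLowerCase` so the result does not vary with the device locale.

```java
// … unchanged: subjectAltName loop and its catch …
if (result.size() == 0)
    try {
        // Walk the decoded RDNs instead of splitting the printed DN
        X500Name subject = new JcaX509CertificateHolder(certificate).getSubject();
        for (ASN1ObjectIdentifier type : new ASN1ObjectIdentifier[]{BCStyle.CN, BCStyle.EmailAddress})
            for (RDN rdn : subject.getRDNs(type))
                for (AttributeTypeAndValue atv : rdn.getTypesAndValues())
                    if (type.equals(atv.getType())) {
                        String value = IETFUtils.valueToString(atv.getValue())
                                .trim().toLowerCase(Locale.ROOT);
                        if (Helper.EMAIL_ADDRESS.matcher(value).matches() &&
                                !result.contains(value))
                            result.add(value);
                    }
    } catch (Throwable ex) {
        Log.e(ex);
    }
// … unchanged: return result …
```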

@ -5434,7 +5434,7 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences.
if (s.verify(verifier)) {
boolean known = true;
String fingerprint = EntityCertificate.getFingerprint(cert);
List<String> emails = EntityCertificate.getAltSubjectName(cert);
List<String> emails = EntityCertificate.getEmailAddresses(cert);
for (String email : emails) {
EntityCertificate record = db.certificate().getCertificate(fingerprint, email);
if (record == null)
@ -5719,7 +5719,7 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences.
time = new Date();
boolean match = false;
List<String> emails = EntityCertificate.getAltSubjectName(cert);
List<String> emails = EntityCertificate.getEmailAddresses(cert);
for (String email : emails)
if (email.equalsIgnoreCase(sender)) {
match = true;
@ -5803,7 +5803,7 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences.
return null;
String fingerprint = EntityCertificate.getFingerprint(cert);
List<String> emails = EntityCertificate.getAltSubjectName(cert);
List<String> emails = EntityCertificate.getEmailAddresses(cert);
for (String email : emails) {
EntityCertificate record = db.certificate().getCertificate(fingerprint, email);
if (record == null) {
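Review bot: In the sender-match hunk (`email.equalsIgnoreCase(sender)`), the list can now contain addresses recovered from the subject's CN or emailAddress attributes when the certificate has no subjectAltName e-mail entries, and nothing at the call site says so. A comment above the call, such as `// may include addresses taken from the subject DN (CN/emailAddress) when no SAN e-mail is present`, would let a reader judge how strong a match is. The same applies to the two `getCertificate(fingerprint, email)` lookups in the other hunks of this file. All three enclosing methods start and end outside the visible lines.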
