From 8e5a376cff81225557d7674a88a75bf7280d99ce Mon Sep 17 00:00:00 2001
From: M66B
Date: Fri, 5 Jan 2024 13:42:49 +0100
Subject: [PATCH] Refactoring

---
 .../java/eu/faircode/email/DnsHelper.java | 31 +++++++++++++++++++
 .../java/eu/faircode/email/SSLHelper.java | 31 ++-----------------
 2 files changed, 33 insertions(+), 29 deletions(-)

diff --git a/app/src/main/java/eu/faircode/email/DnsHelper.java b/app/src/main/java/eu/faircode/email/DnsHelper.java
index 414d638d09..6b7641b5a9 100644
--- a/app/src/main/java/eu/faircode/email/DnsHelper.java
+++ b/app/src/main/java/eu/faircode/email/DnsHelper.java
@@ -31,6 +31,7 @@ import androidx.annotation.NonNull;
 
 import org.minidns.AbstractDnsClient;
 import org.minidns.DnsClient;
+import org.minidns.dane.DaneVerifier;
 import org.minidns.dnsmessage.DnsMessage;
 import org.minidns.dnsqueryresult.DnsQueryResult;
 import org.minidns.dnsqueryresult.StandardDnsQueryResult;
@@ -55,6 +56,8 @@ import org.minidns.util.MultipleIoException;
 import java.io.IOException;
 import java.net.InetAddress;
 import java.net.UnknownHostException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.Comparator;
@@ -63,6 +66,9 @@ import java.util.Locale;
 import java.util.concurrent.Executor;
 import java.util.concurrent.Semaphore;
 import java.util.concurrent.TimeUnit;
+import java.util.logging.Handler;
+import java.util.logging.LogRecord;
+import java.util.logging.Logger;
 
 import javax.mail.Address;
 import javax.mail.internet.InternetAddress;
@@ -345,6 +351,31 @@ public class DnsHelper {
 return result;
 }
 
+ static void verifyDane(X509Certificate[] chain, String server, int port) throws CertificateException {
+ Handler handler = new Handler() {
+ @Override
+ public void publish(LogRecord record) {
+ Log.w("DANE " + record.getMessage());
+ }
+
+ @Override
+ public void flush() {
+ }
+
+ @Override
+ public void close() throws SecurityException {
+ }
+ };
+ String clazz = DaneVerifier.class.getName();
+ Logger.getLogger(clazz).addHandler(handler);
+ Log.w("DANE verify " + server + ":" + port);
+ boolean verified = new DaneVerifier().verifyCertificateChain(chain, server, port);
+ Log.w("DANE verified=" + verified + " " + server + ":" + port);
+ Logger.getLogger(clazz).removeHandler(handler);
+ if (!verified)
+ throw new CertificateException("DANE missing or invalid");
+ }
+
 static void test(Context context) throws UnknownHostException {
 test(context, "gmail.com", "ns");
 test(context, "gmail.com", "mx");
diff --git a/app/src/main/java/eu/faircode/email/SSLHelper.java b/app/src/main/java/eu/faircode/email/SSLHelper.java
index 87ace07fa5..6d9acbe6d0 100644
--- a/app/src/main/java/eu/faircode/email/SSLHelper.java
+++ b/app/src/main/java/eu/faircode/email/SSLHelper.java
@@ -29,8 +29,6 @@ import com.appmattus.certificatetransparency.CTTrustManagerBuilder;
 import com.appmattus.certificatetransparency.VerificationResult;
 import com.appmattus.certificatetransparency.cache.AndroidDiskCache;
 
-import org.minidns.dane.DaneVerifier;
-
 import java.net.InetAddress;
 import java.net.UnknownHostException;
 import java.security.KeyStore;
@@ -41,9 +39,6 @@ import java.security.cert.CertificateExpiredException;
 import java.security.cert.X509Certificate;
 import java.util.Arrays;
 import java.util.List;
-import java.util.logging.Handler;
-import java.util.logging.LogRecord;
-import java.util.logging.Logger;
 
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
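Review bot: In verifyDane the handler added to the shared `DaneVerifier` JUL logger is only removed on the normal path; if `verifyCertificateChain` throws (it is declared to throw CertificateException), the anonymous Handler stays registered, and because every call adds a fresh one, failing verifications accumulate handlers that keep emitting `DANE …` lines for all later runs. Moving the verification into a try/finally so `removeHandler` always runs fixes this; the rewritten lines are below. That logger is also process-global, so concurrent verifications will see each other's records through their handlers — presumably acceptable for diagnostics, but worth a one-line comment. The method would also benefit from a Javadoc stating its contract as the code shows it, e.g. `/** Verifies the chain against the server's DANE (TLSA) records; fails closed by throwing when verification does not succeed. */`.
```java
        // … unchanged: Handler handler = new Handler() { … }; …
        String clazz = DaneVerifier.class.getName();
        Logger logger = Logger.getLogger(clazz);
        logger.addHandler(handler);
        boolean verified;
        try {
            Log.w("DANE verify " + server + ":" + port);
            verified = new DaneVerifier().verifyCertificateChain(chain, server, port);
            Log.w("DANE verified=" + verified + " " + server + ":" + port);
        } finally {
            // Always detach, otherwise a throwing verification leaves the handler on the global logger
            logger.removeHandler(handler);
        }
        if (!verified)
            throw new CertificateException("DANE missing or invalid");
```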
@@ -130,30 +125,8 @@ public class SSLHelper {
 throw new CertificateException(principal.getName(), ex);
 }
 
- if (dane) {
- Handler handler = new Handler() {
- @Override
- public void publish(LogRecord record) {
- Log.w("DANE " + record.getMessage());
- }
-
- @Override
- public void flush() {
- }
-
- @Override
- public void close() throws SecurityException {
- }
- };
- String clazz = DaneVerifier.class.getName();
- Logger.getLogger(clazz).addHandler(handler);
- Log.w("DANE verify " + server + ":" + port);
- boolean verified = new DaneVerifier().verifyCertificateChain(chain, server, port);
- Log.w("DANE verified=" + verified + " " + server + ":" + port);
- Logger.getLogger(clazz).removeHandler(handler);
- if (!verified)
- throw new CertificateException("DANE missing or invalid");
- }
+ if (dane)
+ DnsHelper.verifyDane(chain, server, port);
 
 // Check host name
 if (check_names) {