Refactoring

pull/199/head
M66B 4 years ago
parent 6b4de49945
commit c0953d25d5

@ -29,6 +29,7 @@ import android.net.NetworkInfo;
import android.os.Build; import android.os.Build;
import android.provider.Settings; import android.provider.Settings;
import android.telephony.TelephonyManager; import android.telephony.TelephonyManager;
import android.text.TextUtils;
import androidx.annotation.Nullable; import androidx.annotation.Nullable;
import androidx.preference.PreferenceManager; import androidx.preference.PreferenceManager;
@ -36,8 +37,14 @@ import androidx.preference.PreferenceManager;
import com.sun.mail.iap.ConnectionException; import com.sun.mail.iap.ConnectionException;
import com.sun.mail.util.FolderClosedIOException; import com.sun.mail.util.FolderClosedIOException;
import org.bouncycastle.asn1.x509.GeneralName;
import java.io.IOException; import java.io.IOException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collection;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Locale; import java.util.Locale;
@ -455,4 +462,47 @@ public class ConnectionHelper {
return Settings.Global.getInt(context.getContentResolver(), return Settings.Global.getInt(context.getContentResolver(),
Settings.Global.AIRPLANE_MODE_ON, 0) != 0; Settings.Global.AIRPLANE_MODE_ON, 0) != 0;
} }
static List<String> getDnsNames(X509Certificate certificate) throws CertificateParsingException {
List<String> result = new ArrayList<>();
Collection<List<?>> altNames = certificate.getSubjectAlternativeNames();
if (altNames == null)
return result;
for (List altName : altNames)
if (altName.get(0).equals(GeneralName.dNSName))
result.add((String) altName.get(1));
return result;
}
static boolean matches(String server, List<String> names) {
for (String name : names)
if (matches(server, name)) {
Log.i("Trusted server=" + server + " name=" + name);
return true;
}
return false;
}
private static boolean matches(String server, String name) {
if (name.startsWith("*.")) {
// Wildcard certificate
String domain = name.substring(2);
if (TextUtils.isEmpty(domain))
return false;
int dot = server.indexOf(".");
if (dot < 0)
return false;
String cdomain = server.substring(dot + 1);
if (TextUtils.isEmpty(cdomain))
return false;
return domain.equalsIgnoreCase(cdomain);
} else
return server.equalsIgnoreCase(name);
}
} }
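Review bot: The wildcard branch of `matches(String server, String name)` accepts a name whose suffix is a single label, so a SAN of `*.com` is treated as covering every `x.com` host; the code only checks that the part after `*.` is non-empty. Now that the helper is shared from ConnectionHelper, I would require at least two labels after the wildcard, e.g. `if (TextUtils.isEmpty(domain) || domain.indexOf('.') < 0) return false;`. It would also help to add a short Javadoc on `getDnsNames` and `matches(String, List<String>)` stating that only dNSName subject alternative names are compared (no CN, no iPAddress entries) and that a wildcard covers exactly one left-most label. The logic appears to be moved unchanged from EmailService, so this behaviour predates the commit.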

@ -38,7 +38,6 @@ import com.sun.mail.util.SocketConnectException;
import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.x509.Extension; import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
@ -60,11 +59,9 @@ import java.security.Principal;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException; import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collection;
import java.util.Collections; import java.util.Collections;
import java.util.Enumeration; import java.util.Enumeration;
import java.util.HashMap; import java.util.HashMap;
@ -835,12 +832,9 @@ public class EmailService implements AutoCloseable {
} }
// Check host name // Check host name
List<String> names = getDnsNames(certificate); List<String> names = ConnectionHelper.getDnsNames(certificate);
for (String name : names) if (ConnectionHelper.matches(server, names))
if (matches(server, name)) { return;
Log.i("Trusted server=" + server + " name=" + name);
return;
}
String error = server + " not in certificate: " + TextUtils.join(",", names); String error = server + " not in certificate: " + TextUtils.join(",", names);
Log.i(error); Log.i(error);
@ -970,40 +964,6 @@ public class EmailService implements AutoCloseable {
return factory.getSupportedCipherSuites(); return factory.getSupportedCipherSuites();
} }
private static boolean matches(String server, String name) {
if (name.startsWith("*.")) {
// Wildcard certificate
String domain = name.substring(2);
if (TextUtils.isEmpty(domain))
return false;
int dot = server.indexOf(".");
if (dot < 0)
return false;
String cdomain = server.substring(dot + 1);
if (TextUtils.isEmpty(cdomain))
return false;
return domain.equalsIgnoreCase(cdomain);
} else
return server.equalsIgnoreCase(name);
}
private static List<String> getDnsNames(X509Certificate certificate) throws CertificateParsingException {
List<String> result = new ArrayList<>();
Collection<List<?>> altNames = certificate.getSubjectAlternativeNames();
if (altNames == null)
return result;
for (List altName : altNames)
if (altName.get(0).equals(GeneralName.dNSName))
result.add((String) altName.get(1));
return result;
}
private static boolean matches(X509Certificate certificate, @NonNull String trustedFingerprint) { private static boolean matches(X509Certificate certificate, @NonNull String trustedFingerprint) {
// Get certificate fingerprint // Get certificate fingerprint
try { try {
