blob: a50c0ee7c63017de680558f878060bf2fac1c302 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
/*
* Copyright © Ricki Hirner (bitfire web engineering).
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*/
package at.bitfire.cert4android
import android.content.Intent
import android.os.Bundle
import androidx.appcompat.app.AppCompatActivity
import androidx.databinding.DataBindingUtil
import androidx.lifecycle.MutableLiveData
import androidx.lifecycle.ViewModel
import androidx.lifecycle.ViewModelProvider
import at.bitfire.cert4android.databinding.ActivityTrustCertificateBinding
import java.io.ByteArrayInputStream
import java.security.cert.CertificateFactory
import java.security.cert.CertificateParsingException
import java.security.cert.X509Certificate
import java.security.spec.MGF1ParameterSpec.SHA1
import java.security.spec.MGF1ParameterSpec.SHA256
import java.text.DateFormat
import java.util.logging.Level
import kotlin.concurrent.thread
class TrustCertificateActivity: AppCompatActivity() {
companion object {
const val EXTRA_CERTIFICATE = "certificate"
}
private lateinit var model: Model
override fun onCreate(savedInstanceState: Bundle?) {
super.onCreate(savedInstanceState)
model = ViewModelProvider(this).get(Model::class.java)
model.processIntent(intent)
val binding = DataBindingUtil.setContentView<ActivityTrustCertificateBinding>(this, R.layout.activity_trust_certificate)
binding.lifecycleOwner = this
binding.model = model
binding.acceptCertificate.setOnClickListener {
sendDecision(true)
finish()
}
binding.rejectCertificate.setOnClickListener {
sendDecision(false)
finish()
}
}
override fun onNewIntent(intent: Intent) {
super.onNewIntent(intent)
model.processIntent(intent)
}
private fun sendDecision(trusted: Boolean) {
val intent = Intent(this, CustomCertService::class.java)
with(intent) {
action = CustomCertService.CMD_CERTIFICATION_DECISION
putExtra(CustomCertService.EXTRA_CERTIFICATE, getIntent().getSerializableExtra(EXTRA_CERTIFICATE))
putExtra(CustomCertService.EXTRA_TRUSTED, trusted)
}
startService(intent)
}
class Model: ViewModel() {
companion object {
val certFactory = CertificateFactory.getInstance("X.509")!!
}
val issuedFor = MutableLiveData<String>()
val issuedBy = MutableLiveData<String>()
val validFrom = MutableLiveData<String>()
val validTo = MutableLiveData<String>()
val sha1 = MutableLiveData<String>()
val sha256 = MutableLiveData<String>()
val verifiedByUser = MutableLiveData<Boolean>()
fun processIntent(intent: Intent?) {
intent?.getByteArrayExtra(EXTRA_CERTIFICATE)?.let { raw ->
thread {
val cert = certFactory.generateCertificate(ByteArrayInputStream(raw)) as? X509Certificate ?: return@thread
try {
val subject = cert.subjectAlternativeNames?.let { altNames ->
val sb = StringBuilder()
for (altName in altNames) {
val name = altName[1]
if (name is String)
sb.append("[").append(altName[0]).append("]").append(name).append(" ")
}
sb.toString()
} ?: /* use CN if alternative names are not available */ cert.subjectDN.name
issuedFor.postValue(subject)
issuedBy.postValue(cert.issuerDN.toString())
val formatter = DateFormat.getDateInstance(DateFormat.LONG)
validFrom.postValue(formatter.format(cert.notBefore))
validTo.postValue(formatter.format(cert.notAfter))
sha1.postValue("SHA1: " + CertUtils.fingerprint(cert, SHA1.digestAlgorithm))
sha256.postValue("SHA256: " + CertUtils.fingerprint(cert, SHA256.digestAlgorithm))
} catch(e: CertificateParsingException) {
Constants.log.log(Level.WARNING, "Couldn't parse certificate", e)
}
}
}
}
}
}
|