blob: 3e74e1541ccd679f960a505ef982a94ba2b92420 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
/*
* Copyright © Ricki Hirner (bitfire web engineering).
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*/
package at.bitfire.cert4android
import android.content.Intent
import android.os.Bundle
import android.view.View
import androidx.appcompat.app.AppCompatActivity
import androidx.databinding.DataBindingUtil
import androidx.lifecycle.MutableLiveData
import androidx.lifecycle.ViewModel
import androidx.lifecycle.ViewModelProviders
import at.bitfire.cert4android.databinding.ActivityTrustCertificateBinding
import java.io.ByteArrayInputStream
import java.security.MessageDigest
import java.security.cert.CertificateFactory
import java.security.cert.CertificateParsingException
import java.security.cert.X509Certificate
import java.security.spec.MGF1ParameterSpec.SHA1
import java.security.spec.MGF1ParameterSpec.SHA256
import java.text.DateFormat
import java.util.*
import java.util.logging.Level
import kotlin.concurrent.thread
class TrustCertificateActivity: AppCompatActivity() {
companion object {
const val EXTRA_CERTIFICATE = "certificate"
}
private lateinit var model: Model
override fun onCreate(savedInstanceState: Bundle?) {
super.onCreate(savedInstanceState)
model = ViewModelProviders.of(this).get(Model::class.java)
model.processIntent(intent)
val binding = DataBindingUtil.setContentView<ActivityTrustCertificateBinding>(this, R.layout.activity_trust_certificate)
binding.lifecycleOwner = this
binding.model = model
}
override fun onNewIntent(intent: Intent) {
super.onNewIntent(intent)
model.processIntent(intent)
}
fun acceptCertificate(view: View) {
sendDecision(true)
finish()
}
fun rejectCertificate(view: View) {
sendDecision(false)
finish()
}
private fun sendDecision(trusted: Boolean) {
val intent = Intent(this, CustomCertService::class.java)
with(intent) {
action = CustomCertService.CMD_CERTIFICATION_DECISION
putExtra(CustomCertService.EXTRA_CERTIFICATE, getIntent().getSerializableExtra(EXTRA_CERTIFICATE))
putExtra(CustomCertService.EXTRA_TRUSTED, trusted)
}
startService(intent)
}
class Model: ViewModel() {
companion object {
val certFactory = CertificateFactory.getInstance("X.509")!!
}
val issuedFor = MutableLiveData<String>()
val issuedBy = MutableLiveData<String>()
val validFrom = MutableLiveData<String>()
val validTo = MutableLiveData<String>()
val sha1 = MutableLiveData<String>()
val sha256 = MutableLiveData<String>()
val verifiedByUser = MutableLiveData<Boolean>()
fun processIntent(intent: Intent?) {
intent?.getByteArrayExtra(EXTRA_CERTIFICATE)?.let { raw ->
thread {
val cert = certFactory.generateCertificate(ByteArrayInputStream(raw)) as? X509Certificate ?: return@thread
try {
val subject = if (cert.issuerAlternativeNames != null) {
val sb = StringBuilder()
for (altName in cert.subjectAlternativeNames.orEmpty()) {
val name = altName[1]
if (name is String)
sb.append("[").append(altName[0]).append("]").append(name).append(" ")
}
sb.toString()
} else
cert.subjectDN.name
issuedFor.postValue(subject)
issuedBy.postValue(cert.issuerDN.toString())
val formatter = DateFormat.getDateInstance(DateFormat.LONG)
validFrom.postValue(formatter.format(cert.notBefore))
validTo.postValue(formatter.format(cert.notAfter))
sha1.postValue(fingerprint(cert, SHA1.digestAlgorithm))
sha256.postValue(fingerprint(cert, SHA256.digestAlgorithm))
} catch(e: CertificateParsingException) {
Constants.log.log(Level.WARNING, "Couldn't parse certificate", e)
}
}
}
}
private fun fingerprint(cert: X509Certificate, algorithm: String) =
try {
val md = MessageDigest.getInstance(algorithm)
"$algorithm: ${hexString(md.digest(cert.encoded))}"
} catch(e: Exception) {
e.message ?: "Couldn't create message digest"
}
private fun hexString(data: ByteArray): String {
val str = data.mapTo(LinkedList()) { String.format("%02x", it) }
return str.joinToString(":")
}
}
}
|
