Mirrors/FairEmail
1
0
Fork 0
mirror of https://github.com/M66B/FairEmail.git synced 2026-03-31 06:08:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refactoring

Browse Source
This commit is contained in:
M66B
2021-07-06 15:26:55 +02:00
parent 6b4de49945
commit c0953d25d5
2 changed files with 53 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
app/src/main/java/eu/faircode/email/EmailService.java
View File

@@ -38,7 +38,6 @@ import com.sun.mail.util.SocketConnectException;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import java.io.ByteArrayOutputStream;
@@ -60,11 +59,9 @@ import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
@@ -835,12 +832,9 @@ public class EmailService implements AutoCloseable {
}
// Check host name
List<String> names = getDnsNames(certificate);
for (String name : names)
if (matches(server, name)) {
Log.i("Trusted server=" + server + " name=" + name);
return;
}
List<String> names = ConnectionHelper.getDnsNames(certificate);
if (ConnectionHelper.matches(server, names))
return;
String error = server + " not in certificate: " + TextUtils.join(",", names);
Log.i(error);
@@ -970,40 +964,6 @@ public class EmailService implements AutoCloseable {
return factory.getSupportedCipherSuites();
}
private static boolean matches(String server, String name) {
if (name.startsWith("*.")) {
// Wildcard certificate
String domain = name.substring(2);
if (TextUtils.isEmpty(domain))
return false;
int dot = server.indexOf(".");
if (dot < 0)
return false;
String cdomain = server.substring(dot + 1);
if (TextUtils.isEmpty(cdomain))
return false;
return domain.equalsIgnoreCase(cdomain);
} else
return server.equalsIgnoreCase(name);
}
private static List<String> getDnsNames(X509Certificate certificate) throws CertificateParsingException {
List<String> result = new ArrayList<>();
Collection<List<?>> altNames = certificate.getSubjectAlternativeNames();
if (altNames == null)
return result;
for (List altName : altNames)
if (altName.get(0).equals(GeneralName.dNSName))
result.add((String) altName.get(1));
return result;
}
private static boolean matches(X509Certificate certificate, @NonNull String trustedFingerprint) {
// Get certificate fingerprint
try {