From 2d12c00ba48925347607a8ea9d8be7e7e1e28001 Mon Sep 17 00:00:00 2001 From: M66B Date: Wed, 29 Jan 2020 13:08:06 +0100 Subject: [PATCH] Mark trusted certificates --- .../main/java/eu/faircode/email/FragmentMessages.java | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/app/src/main/java/eu/faircode/email/FragmentMessages.java b/app/src/main/java/eu/faircode/email/FragmentMessages.java index d77baada8e..7da5a29f74 100644 --- a/app/src/main/java/eu/faircode/email/FragmentMessages.java +++ b/app/src/main/java/eu/faircode/email/FragmentMessages.java @@ -4825,8 +4825,11 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences. ArrayList trace = new ArrayList<>(); for (Certificate c : path.getCertPath().getCertificates()) if (c instanceof X509Certificate) { + // https://tools.ietf.org/html/rfc5280#section-4.2.1.3 + boolean[] usage = ((X509Certificate) c).getKeyUsage(); + boolean root = (usage != null && usage[5]); EntityCertificate record = EntityCertificate.from((X509Certificate) c, null); - trace.add(record.subject); + trace.add(record.subject + (root ? " *" : "")); } args.putStringArrayList("trace", trace); } catch (Throwable ex) { @@ -4834,8 +4837,10 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences. ArrayList trace = new ArrayList<>(); for (X509Certificate c : certs) { + boolean[] usage = ((X509Certificate) c).getKeyUsage(); + boolean root = (usage != null && usage[5]); EntityCertificate record = EntityCertificate.from(c, null); - trace.add(record.subject); + trace.add(record.subject + (root ? " *" : "")); } args.putStringArrayList("trace", trace); }