mirror of
https://github.com/M66B/FairEmail.git
synced 2025-01-01 12:44:42 +00:00
Always parse certificate subject to extract email addresses
This commit is contained in:
M66B
parent
fe86c5ff45
commit
317221939e
3 changed files with 34 additions and 29 deletions
|
|
@ -84,7 +84,6 @@ import java.io.IOException;
|
|||
import java.io.InputStream;
|
||||
import java.io.InputStreamReader;
|
||||
import java.io.OutputStream;
|
||||
import java.security.Principal;
|
||||
import java.security.SecureRandom;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.CertificateFactory;
|
||||
|
|
@ -1101,29 +1100,7 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
|
|||
}
|
||||
|
||||
String fingerprint = EntityCertificate.getFingerprint(cert);
|
||||
List<String> emails = EntityCertificate.getAltSubjectName(cert);
|
||||
if (emails.size() == 0) {
|
||||
Principal principal = cert.getSubjectDN();
|
||||
if (principal != null) {
|
||||
String subject = principal.getName();
|
||||
if (subject != null) {
|
||||
Log.i("Parsing subject=" + subject);
|
||||
for (String p : subject.split(",")) {
|
||||
String[] kv = p.split("=");
|
||||
if (kv.length == 2) {
|
||||
String key = kv[0].trim();
|
||||
String value = kv[1].trim().toLowerCase();
|
||||
if (Helper.EMAIL_ADDRESS.matcher(value).matches() &&
|
||||
("CN".equalsIgnoreCase(key) ||
|
||||
"emailAddress".equalsIgnoreCase(key))) {
|
||||
if (!emails.contains(value))
|
||||
emails.add(value);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
List<String> emails = EntityCertificate.getEmailAddresses(cert);
|
||||
|
||||
if (emails.size() == 0)
|
||||
throw new IllegalArgumentException("No email address found in key");
|
||||
|
|
|
|||
|
|
@ -32,6 +32,7 @@ import org.json.JSONObject;
|
|||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.Principal;
|
||||
import java.security.cert.CertificateEncodingException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.CertificateFactory;
|
||||
|
|
@ -118,8 +119,9 @@ public class EntityCertificate {
|
|||
return certificate.getSubjectX500Principal().getName(X500Principal.RFC2253);
|
||||
}
|
||||
|
||||
static List<String> getAltSubjectName(X509Certificate certificate) {
|
||||
static List<String> getEmailAddresses(X509Certificate certificate) {
|
||||
List<String> result = new ArrayList<>();
|
||||
|
||||
try {
|
||||
Collection<List<?>> altNames = certificate.getSubjectAlternativeNames();
|
||||
if (altNames != null)
|
||||
|
|
@ -129,9 +131,35 @@ public class EntityCertificate {
|
|||
else
|
||||
Log.i("Alt type=" + altName.get(0) + " data=" + altName.get(1));
|
||||
} catch (CertificateParsingException ex) {
|
||||
Log.w(ex);
|
||||
Log.e(ex);
|
||||
}
|
||||
|
||||
if (result.size() == 0)
|
||||
try {
|
||||
Principal principal = certificate.getSubjectDN();
|
||||
if (principal != null) {
|
||||
String subject = principal.getName();
|
||||
if (subject != null) {
|
||||
Log.i("Parsing subject=" + subject);
|
||||
for (String p : subject.split(",")) {
|
||||
String[] kv = p.split("=");
|
||||
if (kv.length == 2) {
|
||||
String key = kv[0].trim();
|
||||
String value = kv[1].trim().toLowerCase();
|
||||
if (Helper.EMAIL_ADDRESS.matcher(value).matches() &&
|
||||
("CN".equalsIgnoreCase(key) ||
|
||||
"emailAddress".equalsIgnoreCase(key))) {
|
||||
if (!result.contains(value))
|
||||
result.add(value);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch (Throwable ex) {
|
||||
Log.e(ex);
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -5434,7 +5434,7 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences.
|
|||
if (s.verify(verifier)) {
|
||||
boolean known = true;
|
||||
String fingerprint = EntityCertificate.getFingerprint(cert);
|
||||
List<String> emails = EntityCertificate.getAltSubjectName(cert);
|
||||
List<String> emails = EntityCertificate.getEmailAddresses(cert);
|
||||
for (String email : emails) {
|
||||
EntityCertificate record = db.certificate().getCertificate(fingerprint, email);
|
||||
if (record == null)
|
||||
|
|
@ -5719,7 +5719,7 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences.
|
|||
time = new Date();
|
||||
|
||||
boolean match = false;
|
||||
List<String> emails = EntityCertificate.getAltSubjectName(cert);
|
||||
List<String> emails = EntityCertificate.getEmailAddresses(cert);
|
||||
for (String email : emails)
|
||||
if (email.equalsIgnoreCase(sender)) {
|
||||
match = true;
|
||||
|
|
@ -5803,7 +5803,7 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences.
|
|||
return null;
|
||||
|
||||
String fingerprint = EntityCertificate.getFingerprint(cert);
|
||||
List<String> emails = EntityCertificate.getAltSubjectName(cert);
|
||||
List<String> emails = EntityCertificate.getEmailAddresses(cert);
|
||||
for (String email : emails) {
|
||||
EntityCertificate record = db.certificate().getCertificate(fingerprint, email);
|
||||
if (record == null) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue