mirror of https://github.com/M66B/FairEmail.git
Identify certificates by fingerprint
This commit is contained in:
parent
d92777b692
commit
a2bb26e086
File diff suppressed because it is too large
Load Diff
|
@ -56,7 +56,7 @@ import io.requery.android.database.sqlite.RequerySQLiteOpenHelperFactory;
|
|||
// https://developer.android.com/topic/libraries/architecture/room.html
|
||||
|
||||
@Database(
|
||||
version = 117,
|
||||
version = 118,
|
||||
entities = {
|
||||
EntityIdentity.class,
|
||||
EntityAccount.class,
|
||||
|
@ -1140,6 +1140,21 @@ public abstract class DB extends RoomDatabase {
|
|||
db.execSQL("CREATE INDEX IF NOT EXISTS `index_certificate_email` ON `certificate` (`email`)");
|
||||
}
|
||||
})
|
||||
.addMigrations(new Migration(117, 118) {
|
||||
@Override
|
||||
public void migrate(@NonNull SupportSQLiteDatabase db) {
|
||||
Log.i("DB migration from version " + startVersion + " to " + endVersion);
|
||||
db.execSQL("DROP TABLE IF EXISTS `certificate`");
|
||||
db.execSQL("CREATE TABLE IF NOT EXISTS `certificate`" +
|
||||
" (`id` INTEGER PRIMARY KEY AUTOINCREMENT" +
|
||||
", `fingerprint` TEXT NOT NULL" +
|
||||
", `email` TEXT NOT NULL" +
|
||||
", `subject` TEXT" +
|
||||
", `data` TEXT NOT NULL)");
|
||||
db.execSQL("CREATE UNIQUE INDEX IF NOT EXISTS `index_certificate_fingerprint_email` ON `certificate` (`fingerprint`, `email`)");
|
||||
db.execSQL("CREATE INDEX IF NOT EXISTS `index_certificate_email` ON `certificate` (`email`)");
|
||||
}
|
||||
})
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -29,12 +29,13 @@ import java.util.List;
|
|||
@Dao
|
||||
public interface DaoCertificate {
|
||||
@Query("SELECT * FROM certificate" +
|
||||
" ORDER BY subject DESC")
|
||||
" ORDER BY email DESC")
|
||||
LiveData<List<EntityCertificate>> liveCertificates();
|
||||
|
||||
@Query("SELECT * FROM certificate" +
|
||||
" WHERE subject = :subject")
|
||||
EntityCertificate getCertificateBySubject(String subject);
|
||||
" WHERE fingerprint = :fingerprint" +
|
||||
" AND email = :email")
|
||||
EntityCertificate getCertificate(String fingerprint, String email);
|
||||
|
||||
@Query("SELECT * FROM certificate" +
|
||||
" WHERE email = :email")
|
||||
|
|
|
@ -31,7 +31,7 @@ import java.util.Objects;
|
|||
foreignKeys = {
|
||||
},
|
||||
indices = {
|
||||
@Index(value = {"subject"}, unique = true),
|
||||
@Index(value = {"fingerprint", "email"}, unique = true),
|
||||
@Index(value = {"email"}),
|
||||
}
|
||||
)
|
||||
|
@ -41,8 +41,10 @@ public class EntityCertificate {
|
|||
@PrimaryKey(autoGenerate = true)
|
||||
public Long id;
|
||||
@NonNull
|
||||
public String subject;
|
||||
public String fingerprint;
|
||||
@NonNull
|
||||
public String email;
|
||||
public String subject;
|
||||
@NonNull
|
||||
public String data;
|
||||
|
||||
|
@ -50,8 +52,9 @@ public class EntityCertificate {
|
|||
public boolean equals(Object obj) {
|
||||
if (obj instanceof EntityCertificate) {
|
||||
EntityCertificate other = (EntityCertificate) obj;
|
||||
return (this.subject.equals(other.subject) &&
|
||||
return (this.fingerprint.equals(other.fingerprint) &&
|
||||
Objects.equals(this.email, other.email) &&
|
||||
Objects.equals(this.subject, other.subject) &&
|
||||
this.data.equals(other.data));
|
||||
} else
|
||||
return false;
|
||||
|
|
|
@ -165,6 +165,7 @@ import javax.mail.FolderClosedException;
|
|||
import javax.mail.Session;
|
||||
import javax.mail.internet.InternetAddress;
|
||||
import javax.mail.internet.MimeMessage;
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
|
||||
import static android.app.Activity.RESULT_OK;
|
||||
import static android.os.Process.THREAD_PRIORITY_BACKGROUND;
|
||||
|
@ -4388,20 +4389,21 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences.
|
|||
.getCertificate(certHolder);
|
||||
try {
|
||||
if (signer.verify(new JcaSimpleSignerInfoVerifierBuilder().build(cert))) {
|
||||
String subject = cert.getSubjectDN().getName();
|
||||
if (!TextUtils.isEmpty(subject) &&
|
||||
message.from != null && message.from.length == 1) {
|
||||
EntityCertificate c = db.certificate().getCertificateBySubject(subject);
|
||||
if (c == null) {
|
||||
c = new EntityCertificate();
|
||||
c.subject = subject;
|
||||
c.email = ((InternetAddress) message.from[0]).getAddress();
|
||||
c.data = Base64.encodeToString(cert.getEncoded(), Base64.NO_WRAP);
|
||||
c.id = db.certificate().insertCertificate(c);
|
||||
if (message.from != null && message.from.length == 1) {
|
||||
String fingerprint = Helper.sha256(cert.getEncoded());
|
||||
String email = ((InternetAddress) message.from[0]).getAddress();
|
||||
EntityCertificate record = db.certificate().getCertificate(fingerprint, email);
|
||||
if (record == null) {
|
||||
record = new EntityCertificate();
|
||||
record.fingerprint = fingerprint;
|
||||
record.email = email;
|
||||
record.subject = cert.getSubjectX500Principal().getName(X500Principal.RFC2253);
|
||||
record.data = Base64.encodeToString(cert.getEncoded(), Base64.NO_WRAP);
|
||||
record.id = db.certificate().insertCertificate(record);
|
||||
}
|
||||
}
|
||||
|
||||
return subject;
|
||||
return cert.getSubjectX500Principal().getName(X500Principal.RFC2253);
|
||||
}
|
||||
} catch (CMSVerifierCertificateNotValidException ex) {
|
||||
Log.w(ex);
|
||||
|
|
Loading…
Reference in New Issue