Merge branch 'post_release_work' into 'master'

post release tweaks and fixes Closes #9150 and #8983 See merge request leap/bitmask_android!264
author: cyberta <cyberta@riseup.net> 2024-01-25 23:41:42 +0000
committer: cyberta <cyberta@riseup.net> 2024-01-25 23:41:42 +0000
commit: 5bf3f807a4804c18b7dc88e07e4e34ecf0791713 (patch)
tree: a092fd4ab72d1a31daa3cc442331cbb05d034ef0 /app/src/main/java/se/leap/bitmaskclient/base/utils/CertificateHelper.java
parent: ce8106f60d83ee2a788f1920437a0bbd48d6b15f (diff)
parent: e84289ab4380ae61cc9f2a86da9a16d1aae45cbd (diff)
1 files changed, 64 insertions, 0 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/CertificateHelper.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/CertificateHelper.java
new file mode 100644
index 00000000..11202734
--- /dev/null
+++ b/app/src/main/java/se/leap/bitmaskclient/base/utils/CertificateHelper.java
@@ -0,0 +1,64 @@
+package se.leap.bitmaskclient.base.utils;
+
+import androidx.annotation.NonNull;
+import androidx.annotation.VisibleForTesting;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+
+import de.blinkt.openvpn.core.NativeUtils;
+
+public class CertificateHelper {
+
+    public interface CertificateHelperInterface {
+        String getFingerprintFromCertificate(X509Certificate certificate, String encoding) throws NoSuchAlgorithmException, CertificateEncodingException;
+
+    }
+
+    public static class DefaultCertificateHelper implements CertificateHelperInterface {
+
+        public String byteArrayToHex(byte[] input) {
+            int readBytes = input.length;
+            StringBuffer hexData = new StringBuffer();
+            int onebyte;
+            for (int i = 0; i < readBytes; i++) {
+                onebyte = ((0x000000ff & input[i]) | 0xffffff00);
+                hexData.append(Integer.toHexString(onebyte).substring(6));
+            }
+            return hexData.toString();
+        }
+
+        /**
+         * Calculates the hexadecimal representation of a sha256/sha1 fingerprint of a certificate
+         *
+         * @param certificate
+         * @param encoding
+         * @return
+         * @throws NoSuchAlgorithmException
+         * @throws CertificateEncodingException
+         */
+        @Override
+        public String getFingerprintFromCertificate(X509Certificate certificate, String encoding) throws NoSuchAlgorithmException, CertificateEncodingException {
+            byte[] byteArray = MessageDigest.getInstance(encoding).digest(certificate.getEncoded());
+            return byteArrayToHex(byteArray);
+        }
+    }
+
+    private static CertificateHelperInterface instance = new DefaultCertificateHelper();
+
+    @VisibleForTesting
+    public CertificateHelper(CertificateHelperInterface helperInterface) {
+        if (!NativeUtils.isUnitTest()) {
+            throw new IllegalStateException("CertificateHelper injected with CertificateHelperInterface outside of an unit test");
+        }
+        instance = helperInterface;
+    }
+
+    @NonNull
+    public static String getFingerprintFromCertificate(X509Certificate certificate, String encoding) throws NoSuchAlgorithmException, CertificateEncodingException {
+        return instance.getFingerprintFromCertificate(certificate, encoding);
+    }
+
+}
author	cyberta <cyberta@riseup.net>	2024-01-25 23:41:42 +0000
committer	cyberta <cyberta@riseup.net>	2024-01-25 23:41:42 +0000
commit	5bf3f807a4804c18b7dc88e07e4e34ecf0791713 (patch)
tree	a092fd4ab72d1a31daa3cc442331cbb05d034ef0 /app/src/main/java/se/leap/bitmaskclient/base/utils/CertificateHelper.java
parent	ce8106f60d83ee2a788f1920437a0bbd48d6b15f (diff)
parent	e84289ab4380ae61cc9f2a86da9a16d1aae45cbd (diff)