From b85dc1b2ea68ab7ca7e11ab545bb88f4dbb59bdb Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Thu, 25 Jan 2024 03:01:21 +0100
Subject: fix VpnCertificateValidatorTest, extract CertificateHelper (returns a
 fingerprint for a x509 cert) from ConfigHelper

---
 .../base/utils/CertificateHelper.java              | 64 ++++++++++++++++++++++
 1 file changed, 64 insertions(+)
 create mode 100644 app/src/main/java/se/leap/bitmaskclient/base/utils/CertificateHelper.java

(limited to 'app/src/main/java/se/leap/bitmaskclient/base/utils/CertificateHelper.java')

diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/CertificateHelper.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/CertificateHelper.java
new file mode 100644
index 00000000..11202734
--- /dev/null
+++ b/app/src/main/java/se/leap/bitmaskclient/base/utils/CertificateHelper.java
@@ -0,0 +1,64 @@
+package se.leap.bitmaskclient.base.utils;
+
+import androidx.annotation.NonNull;
+import androidx.annotation.VisibleForTesting;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+
+import de.blinkt.openvpn.core.NativeUtils;
+
+public class CertificateHelper {
+
+    public interface CertificateHelperInterface {
+        String getFingerprintFromCertificate(X509Certificate certificate, String encoding) throws NoSuchAlgorithmException, CertificateEncodingException;
+
+    }
+
+    public static class DefaultCertificateHelper implements CertificateHelperInterface {
+
+        public String byteArrayToHex(byte[] input) {
+            int readBytes = input.length;
+            StringBuffer hexData = new StringBuffer();
+            int onebyte;
+            for (int i = 0; i < readBytes; i++) {
+                onebyte = ((0x000000ff & input[i]) | 0xffffff00);
+                hexData.append(Integer.toHexString(onebyte).substring(6));
+            }
+            return hexData.toString();
+        }
+
+        /**
+         * Calculates the hexadecimal representation of a sha256/sha1 fingerprint of a certificate
+         *
+         * @param certificate
+         * @param encoding
+         * @return
+         * @throws NoSuchAlgorithmException
+         * @throws CertificateEncodingException
+         */
+        @Override
+        public String getFingerprintFromCertificate(X509Certificate certificate, String encoding) throws NoSuchAlgorithmException, CertificateEncodingException {
+            byte[] byteArray = MessageDigest.getInstance(encoding).digest(certificate.getEncoded());
+            return byteArrayToHex(byteArray);
+        }
+    }
+
+    private static CertificateHelperInterface instance = new DefaultCertificateHelper();
+
+    @VisibleForTesting
+    public CertificateHelper(CertificateHelperInterface helperInterface) {
+        if (!NativeUtils.isUnitTest()) {
+            throw new IllegalStateException("CertificateHelper injected with CertificateHelperInterface outside of an unit test");
+        }
+        instance = helperInterface;
+    }
+
+    @NonNull
+    public static String getFingerprintFromCertificate(X509Certificate certificate, String encoding) throws NoSuchAlgorithmException, CertificateEncodingException {
+        return instance.getFingerprintFromCertificate(certificate, encoding);
+    }
+
+}
-- 
cgit v1.2.3