From 82daf849aa9b68dbd61f61923d8d618630af50bf Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Sat, 25 Apr 2015 14:42:32 +0200 Subject: fixed #1039 --- src/main/java/eu/siacs/conversations/utils/CryptoHelper.java | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/main/java/eu/siacs/conversations/utils/CryptoHelper.java') diff --git a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java index eb7e2c3c..466bc409 100644 --- a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java +++ b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java @@ -91,6 +91,9 @@ public final class CryptoHelper { } public static String prettifyFingerprint(String fingerprint) { + if (fingerprint.length() < 40) { + return fingerprint; + } StringBuilder builder = new StringBuilder(fingerprint); builder.insert(8, " "); builder.insert(17, " "); -- cgit v1.2.3 From 5dd83a5fe685dd3268986ca0a73f21c4dcbc6af5 Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Sat, 11 Jul 2015 21:23:58 +0200 Subject: null check otr fingerprint before display --- src/main/java/eu/siacs/conversations/utils/CryptoHelper.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src/main/java/eu/siacs/conversations/utils/CryptoHelper.java') diff --git a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java index 466bc409..2dec203d 100644 --- a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java +++ b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java @@ -91,7 +91,9 @@ public final class CryptoHelper { } public static String prettifyFingerprint(String fingerprint) { - if (fingerprint.length() < 40) { + if (fingerprint==null) { + return ""; + } else if (fingerprint.length() < 40) { return fingerprint; } StringBuilder builder = new StringBuilder(fingerprint); -- cgit v1.2.3 From 8fd46d40d63008e4855c3c1d48c5ac0eafb103d0 Mon Sep 17 00:00:00 2001 From: Andreas Straub Date: Tue, 7 Jul 2015 19:28:35 +0200 Subject: Adapt prettifyFingerprint() to axolotl FP sizes --- src/main/java/eu/siacs/conversations/utils/CryptoHelper.java | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'src/main/java/eu/siacs/conversations/utils/CryptoHelper.java') diff --git a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java index 2dec203d..c7c9ac42 100644 --- a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java +++ b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java @@ -96,11 +96,10 @@ public final class CryptoHelper { } else if (fingerprint.length() < 40) { return fingerprint; } - StringBuilder builder = new StringBuilder(fingerprint); - builder.insert(8, " "); - builder.insert(17, " "); - builder.insert(26, " "); - builder.insert(35, " "); + StringBuilder builder = new StringBuilder(fingerprint.replaceAll("\\s","")); + for(int i=8;i Date: Sun, 11 Oct 2015 15:48:58 +0200 Subject: add menu item in account details to renew certificate --- .../eu/siacs/conversations/utils/CryptoHelper.java | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'src/main/java/eu/siacs/conversations/utils/CryptoHelper.java') diff --git a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java index c7c9ac42..e9ad7197 100644 --- a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java +++ b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java @@ -1,6 +1,15 @@ package eu.siacs.conversations.utils; +import android.util.Pair; + +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x500.style.BCStyle; +import org.bouncycastle.asn1.x500.style.IETFUtils; +import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; + import java.security.SecureRandom; +import java.security.cert.CertificateEncodingException; +import java.security.cert.X509Certificate; import java.text.Normalizer; import java.util.Arrays; import java.util.Collection; @@ -9,6 +18,8 @@ import java.util.LinkedHashSet; import java.util.List; import eu.siacs.conversations.Config; +import eu.siacs.conversations.xmpp.jid.InvalidJidException; +import eu.siacs.conversations.xmpp.jid.Jid; public final class CryptoHelper { public static final String FILETRANSFER = "?FILETRANSFERv1:"; @@ -125,4 +136,12 @@ public final class CryptoHelper { } } } + + public static Pair extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException { + X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject(); + //String xmpp = IETFUtils.valueToString(x500name.getRDNs(new ASN1ObjectIdentifier("1.3.6.1.5.5.7.8.5"))[0].getFirst().getValue()); + String email = IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()); + String name = IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[0].getFirst().getValue()); + return new Pair<>(Jid.fromString(email),name); + } } -- cgit v1.2.3 From cfeb67d71da01bc95ed713d6591fa6e79fc08dd6 Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Fri, 16 Oct 2015 23:48:42 +0200 Subject: introduced code to verify omemo device keys with x509 certificates. cleaned up TrustKeysActivity to automatically close if there is nothing to do --- .../eu/siacs/conversations/utils/CryptoHelper.java | 28 ++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) (limited to 'src/main/java/eu/siacs/conversations/utils/CryptoHelper.java') diff --git a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java index e9ad7197..8091a996 100644 --- a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java +++ b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java @@ -1,16 +1,21 @@ package eu.siacs.conversations.utils; +import android.util.Log; import android.util.Pair; import org.bouncycastle.asn1.x500.X500Name; import org.bouncycastle.asn1.x500.style.BCStyle; import org.bouncycastle.asn1.x500.style.IETFUtils; import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; +import org.bouncycastle.jce.PrincipalUtil; import java.security.SecureRandom; import java.security.cert.CertificateEncodingException; +import java.security.cert.CertificateParsingException; import java.security.cert.X509Certificate; +import java.security.cert.X509Extension; import java.text.Normalizer; +import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; import java.util.Iterator; @@ -137,11 +142,26 @@ public final class CryptoHelper { } } - public static Pair extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException { + public static Pair extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException, CertificateParsingException { + Collection> alternativeNames = certificate.getSubjectAlternativeNames(); + List emails = new ArrayList<>(); + if (alternativeNames != null) { + for(List san : alternativeNames) { + Integer type = (Integer) san.get(0); + if (type == 1) { + emails.add((String) san.get(1)); + } + } + } X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject(); - //String xmpp = IETFUtils.valueToString(x500name.getRDNs(new ASN1ObjectIdentifier("1.3.6.1.5.5.7.8.5"))[0].getFirst().getValue()); - String email = IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()); + if (emails.size() == 0) { + emails.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue())); + } String name = IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[0].getFirst().getValue()); - return new Pair<>(Jid.fromString(email),name); + if (emails.size() >= 1) { + return new Pair<>(Jid.fromString(emails.get(0)), name); + } else { + return null; + } } } -- cgit v1.2.3 From a7fd629c051a3ba0031fba4e358ba4f3b843283d Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Wed, 28 Oct 2015 22:40:09 +0100 Subject: show encryption type in warned/red messages --- .../java/eu/siacs/conversations/utils/CryptoHelper.java | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'src/main/java/eu/siacs/conversations/utils/CryptoHelper.java') diff --git a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java index 8091a996..ab407249 100644 --- a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java +++ b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java @@ -23,6 +23,8 @@ import java.util.LinkedHashSet; import java.util.List; import eu.siacs.conversations.Config; +import eu.siacs.conversations.R; +import eu.siacs.conversations.entities.Message; import eu.siacs.conversations.xmpp.jid.InvalidJidException; import eu.siacs.conversations.xmpp.jid.Jid; @@ -164,4 +166,17 @@ public final class CryptoHelper { return null; } } + + public static int encryptionTypeToText(int encryption) { + switch (encryption) { + case Message.ENCRYPTION_OTR: + return R.string.encryption_choice_otr; + case Message.ENCRYPTION_AXOLOTL: + return R.string.encryption_choice_omemo; + case Message.ENCRYPTION_NONE: + return R.string.encryption_choice_unencrypted; + default: + return R.string.encryption_choice_pgp; + } + } } -- cgit v1.2.3 From f46cbb38a92ff5281a974ecc0932ba5459c7334e Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Wed, 23 Dec 2015 19:18:53 +0100 Subject: show certificate information --- .../eu/siacs/conversations/utils/CryptoHelper.java | 50 ++++++++++++++++++++++ 1 file changed, 50 insertions(+) (limited to 'src/main/java/eu/siacs/conversations/utils/CryptoHelper.java') diff --git a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java index ab407249..d1b90ab6 100644 --- a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java +++ b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java @@ -1,5 +1,6 @@ package eu.siacs.conversations.utils; +import android.os.Bundle; import android.util.Log; import android.util.Pair; @@ -9,6 +10,7 @@ import org.bouncycastle.asn1.x500.style.IETFUtils; import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; import org.bouncycastle.jce.PrincipalUtil; +import java.security.MessageDigest; import java.security.SecureRandom; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateParsingException; @@ -121,6 +123,14 @@ public final class CryptoHelper { return builder.toString(); } + public static String prettifyFingerprintCert(String fingerprint) { + StringBuilder builder = new StringBuilder(fingerprint); + for(int i=2;i < builder.length(); i+=3) { + builder.insert(i,':'); + } + return builder.toString(); + } + public static String[] getOrderedCipherSuites(final String[] platformSupportedCipherSuites) { final Collection cipherSuites = new LinkedHashSet<>(Arrays.asList(Config.ENABLED_CIPHERS)); final List platformCiphers = Arrays.asList(platformSupportedCipherSuites); @@ -167,6 +177,46 @@ public final class CryptoHelper { } } + public static Bundle extractCertificateInformation(X509Certificate certificate) { + Bundle information = new Bundle(); + try { + JcaX509CertificateHolder holder = new JcaX509CertificateHolder(certificate); + X500Name subject = holder.getSubject(); + try { + information.putString("subject_cn", subject.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString()); + } catch (Exception e) { + //ignored + } + try { + information.putString("subject_o",subject.getRDNs(BCStyle.O)[0].getFirst().getValue().toString()); + } catch (Exception e) { + //ignored + } + + X500Name issuer = holder.getIssuer(); + try { + information.putString("issuer_cn", issuer.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString()); + } catch (Exception e) { + //ignored + } + try { + information.putString("issuer_o", issuer.getRDNs(BCStyle.O)[0].getFirst().getValue().toString()); + } catch (Exception e) { + //ignored + } + try { + MessageDigest md = MessageDigest.getInstance("SHA-1"); + byte[] fingerprint = md.digest(certificate.getEncoded()); + information.putString("sha1", prettifyFingerprintCert(bytesToHex(fingerprint))); + } catch (Exception e) { + + } + return information; + } catch (CertificateEncodingException e) { + return information; + } + } + public static int encryptionTypeToText(int encryption) { switch (encryption) { case Message.ENCRYPTION_OTR: -- cgit v1.2.3 From c40372fc0d1bc81650321b0166c06a0be05ac0a2 Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Wed, 23 Dec 2015 22:30:14 +0100 Subject: code cleanup --- .../eu/siacs/conversations/utils/CryptoHelper.java | 22 ---------------------- 1 file changed, 22 deletions(-) (limited to 'src/main/java/eu/siacs/conversations/utils/CryptoHelper.java') diff --git a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java index d1b90ab6..5c504e04 100644 --- a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java +++ b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java @@ -1,21 +1,17 @@ package eu.siacs.conversations.utils; import android.os.Bundle; -import android.util.Log; import android.util.Pair; import org.bouncycastle.asn1.x500.X500Name; import org.bouncycastle.asn1.x500.style.BCStyle; import org.bouncycastle.asn1.x500.style.IETFUtils; import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder; -import org.bouncycastle.jce.PrincipalUtil; import java.security.MessageDigest; -import java.security.SecureRandom; import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateParsingException; import java.security.cert.X509Certificate; -import java.security.cert.X509Extension; import java.text.Normalizer; import java.util.ArrayList; import java.util.Arrays; @@ -33,8 +29,6 @@ import eu.siacs.conversations.xmpp.jid.Jid; public final class CryptoHelper { public static final String FILETRANSFER = "?FILETRANSFERv1:"; private final static char[] hexArray = "0123456789abcdef".toCharArray(); - private final static char[] vowels = "aeiou".toCharArray(); - private final static char[] consonants = "bcdfghjklmnpqrstvwxyz".toCharArray(); final public static byte[] ONE = new byte[] { 0, 0, 0, 1 }; public static String bytesToHex(byte[] bytes) { @@ -68,22 +62,6 @@ public final class CryptoHelper { return result; } - public static String randomMucName(SecureRandom random) { - return randomWord(3, random) + "." + randomWord(7, random); - } - - private static String randomWord(int lenght, SecureRandom random) { - StringBuilder builder = new StringBuilder(lenght); - for (int i = 0; i < lenght; ++i) { - if (i % 2 == 0) { - builder.append(consonants[random.nextInt(consonants.length)]); - } else { - builder.append(vowels[random.nextInt(vowels.length)]); - } - } - return builder.toString(); - } - /** * Escapes usernames or passwords for SASL. */ -- cgit v1.2.3 From 703d95fcf84d720567cefe1483695d76f32ebb34 Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Sun, 27 Dec 2015 18:37:12 +0100 Subject: lower case all fingerprints. fixes #1521 --- src/main/java/eu/siacs/conversations/utils/CryptoHelper.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/main/java/eu/siacs/conversations/utils/CryptoHelper.java') diff --git a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java index 5c504e04..1ef5fb3f 100644 --- a/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java +++ b/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java @@ -19,6 +19,7 @@ import java.util.Collection; import java.util.Iterator; import java.util.LinkedHashSet; import java.util.List; +import java.util.Locale; import eu.siacs.conversations.Config; import eu.siacs.conversations.R; @@ -94,7 +95,7 @@ public final class CryptoHelper { } else if (fingerprint.length() < 40) { return fingerprint; } - StringBuilder builder = new StringBuilder(fingerprint.replaceAll("\\s","")); + StringBuilder builder = new StringBuilder(fingerprint.toLowerCase(Locale.US).replaceAll("\\s", "")); for(int i=8;i