fix #1024 show cert fingerprints when adding new account w/ untrusted cert

+ show SHA-256, SHA-1 and MD5 certificate fingerprint
  instead of signature hex dump
  when certificate is untrusted
+ show error string if one of the digest algorithms is not available
+ added check and error msg for certificate load problems

diff --git a/res/layout/ssl_untrusted_cert_layout.xml b/res/layout/ssl_untrusted_cert_layout.xml
index 8ef7b13..2f359f8 100644 (file)
--- a/res/layout/ssl_untrusted_cert_layout.xml
+++ b/res/layout/ssl_untrusted_cert_layout.xml
@@ -377,7 +377,6 @@
                                    android:text=""
                                    android:textAppearance="?android:attr/textAppearanceSmall"
                                />
-                               
 
                                <TextView
                                android:id="@+id/label_signature"
@@ -404,16 +403,24 @@
                                android:text=""
                                android:textAppearance="?android:attr/textAppearanceSmall"
                        />
-                                                                                                                                                                                               
-                                                               
+
                                <TextView
-                               android:id="@+id/value_signature"
-                               android:layout_width="wrap_content"
-                               android:layout_height="wrap_content"
+                                       android:id="@+id/label_certificate_fingerprint"
+                                       android:layout_width="wrap_content"
+                                       android:layout_height="wrap_content"
                                        android:paddingBottom="5dp"
-                               android:text=""
-                               android:textAppearance="?android:attr/textAppearanceSmall"
-                       />
+                                       android:text="@string/ssl_validator_label_certificate_fingerprint"
+                                       android:textAppearance="?android:attr/textAppearanceSmall"
+                               />
+
+                               <TextView
+                                       android:id="@+id/value_certificate_fingerprint"
+                                       android:layout_width="wrap_content"
+                                       android:layout_height="wrap_content"
+                                       android:paddingBottom="5dp"
+                                       android:text=""
+                                       android:textAppearance="?android:attr/textAppearanceSmall"
+                               />
                                
                </LinearLayout>
                

diff --git a/res/values/strings.xml b/res/values/strings.xml
index 8f1aec2..a11d631 100644 (file)
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -253,6 +253,9 @@
     <string name="ssl_validator_label_validity_to">To:</string>
     <string name="ssl_validator_label_signature">Signature:</string>
     <string name="ssl_validator_label_signature_algorithm">Algorithm:</string>
+    <string name="digest_algorithm_not_available">This digest algorithm is not available on your phone.</string>
+    <string name="ssl_validator_label_certificate_fingerprint">Fingerprint:</string>
+    <string name="certificate_load_problem">There is a problem loading the certificate.</string>
     <string name="ssl_validator_null_cert">The certificate could not be shown.</string>
     <string name="ssl_validator_no_info_about_error">- No information about the error</string>
 

diff --git a/src/com/owncloud/android/ui/adapter/X509CertificateViewAdapter.java b/src/com/owncloud/android/ui/adapter/X509CertificateViewAdapter.java
index 1c8c8c2..742d6d8 100644 (file)
--- a/src/com/owncloud/android/ui/adapter/X509CertificateViewAdapter.java
+++ b/src/com/owncloud/android/ui/adapter/X509CertificateViewAdapter.java
@@ -20,6 +20,9 @@
  */
 package com.owncloud.android.ui.adapter;
 
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateEncodingException;
 import java.security.cert.X509Certificate;
 import java.text.DateFormat;
 import java.util.Date;
@@ -31,6 +34,7 @@ import javax.security.auth.x500.X500Principal;
 import com.owncloud.android.R;
 import com.owncloud.android.ui.dialog.SslUntrustedCertDialog;
 
+import android.util.Log;
 import android.view.View;
 import android.widget.TextView;
 
@@ -42,7 +46,9 @@ public class X509CertificateViewAdapter implements SslUntrustedCertDialog.Certif
     //private final static String TAG = X509CertificateViewAdapter.class.getSimpleName();
     
     private X509Certificate mCertificate = null;
-    
+
+    private static final String TAG = X509CertificateViewAdapter.class.getSimpleName();
+
     public X509CertificateViewAdapter(X509Certificate certificate) {
         mCertificate = certificate;
     }
@@ -63,25 +69,68 @@ public class X509CertificateViewAdapter implements SslUntrustedCertDialog.Certif
         }
     }
 
+    private byte[] getDigest(String algorithm, byte[] message) {
+        MessageDigest md = null;
+
+        try {
+            md = MessageDigest.getInstance(algorithm);
+        } catch (NoSuchAlgorithmException e) {
+            return null;
+        }
+        md.reset();
+        return md.digest(message);
+    }
+
     private void showSignature(View dialogView) {
-        TextView sigView = ((TextView)dialogView.findViewById(R.id.value_signature));
-        TextView algorithmView = ((TextView)dialogView.findViewById(R.id.value_signature_algorithm));
-        sigView.setText(getHex(mCertificate.getSignature()));
-        algorithmView.setText(mCertificate.getSigAlgName());
+        byte[] cert = null;
+
+        TextView certFingerprintView = ((TextView) dialogView.findViewById(R.id.value_certificate_fingerprint));
+        TextView algorithmView = ((TextView) dialogView.findViewById(R.id.value_signature_algorithm));
+
+        try {
+            cert = mCertificate.getEncoded();
+            if (cert == null) {
+
+                certFingerprintView.setText(R.string.certificate_load_problem);
+                algorithmView.setText(R.string.certificate_load_problem);
+
+            } else {
+
+                certFingerprintView.setText(
+                        getDigestHexBytesWithColonsAndNewLines(dialogView, "SHA-256", cert)
+                                + getDigestHexBytesWithColonsAndNewLines(dialogView, "SHA-1", cert)
+                                + getDigestHexBytesWithColonsAndNewLines(dialogView, "MD5", cert));
+                algorithmView.setText(mCertificate.getSigAlgName());
+
+            }
+
+        } catch (CertificateEncodingException e) {
+            Log.e(TAG, "Problem while trying to decode the certificate.");
+        }
+
+
     }
     
-    public String getHex(final byte [] raw) {
-        if (raw == null) {
-           return null;
+    private final String getDigestHexBytesWithColonsAndNewLines(View dialogView, final String digestType, final byte [] cert) {
+        final byte[] rawDigest;
+        final String newLine = System.getProperty("line.separator");
+
+        rawDigest = getDigest(digestType, cert);
+
+        if ( rawDigest == null) {
+            return digestType + ":" + newLine + dialogView.getContext().getString(R.string.digest_algorithm_not_available) + newLine + newLine;
         }
-        final StringBuilder hex = new StringBuilder(2 * raw.length);
-        for (final byte b : raw) {
+
+        final StringBuilder hex = new StringBuilder(3 * rawDigest.length);
+
+        for (final byte b : rawDigest) {
            final int hiVal = (b & 0xF0) >> 4;
            final int loVal = b & 0x0F;
            hex.append((char) ('0' + (hiVal + (hiVal / 10 * 7))));
            hex.append((char) ('0' + (loVal + (loVal / 10 * 7))));
+           hex.append(":");
         }
-        return hex.toString();
+        return digestType + ":" + newLine + hex.toString().replaceFirst("\\:$","") + newLine + newLine;
      }    
 
     private void showValidity(Date notBefore, Date notAfter, View dialogView) {