From 04b5db1f4c2585e1a83bd76d7aca6ea5436b25f5 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Tue, 28 Jan 2014 20:18:58 -0500 Subject: [PATCH] update display of signing key fingerprint Update Utils.formatFingerprint() to create a more readible version of the SHA-256 fingerprint of the signing key of the repo. --- res/values/strings.xml | 2 +- src/org/fdroid/fdroid/Utils.java | 52 +++++-------------- .../views/fragments/RepoDetailsFragment.java | 15 +++--- 3 files changed, 22 insertions(+), 47 deletions(-) diff --git a/res/values/strings.xml b/res/values/strings.xml index c5c6d3333..558a506b7 100644 --- a/res/values/strings.xml +++ b/res/values/strings.xml @@ -168,7 +168,7 @@ Unsigned URL Number of apps - Fingerprint of Repo Signing Key (SHA1) + Fingerprint of Repo Signing Key (SHA-256) Description Last update Update diff --git a/src/org/fdroid/fdroid/Utils.java b/src/org/fdroid/fdroid/Utils.java index c6b397df2..949423b15 100644 --- a/src/org/fdroid/fdroid/Utils.java +++ b/src/org/fdroid/fdroid/Utils.java @@ -18,26 +18,20 @@ package org.fdroid.fdroid; -import android.os.Build; -import android.util.Log; +import android.content.Context; + +import com.nostra13.universalimageloader.utils.StorageUtils; import java.io.BufferedReader; import java.io.Closeable; import java.io.File; import java.io.FileReader; -import java.io.InputStream; import java.io.IOException; +import java.io.InputStream; import java.io.OutputStream; import java.text.SimpleDateFormat; -import java.security.MessageDigest; -import java.util.Formatter; import java.util.Locale; -import android.content.Context; - -import com.nostra13.universalimageloader.utils.StorageUtils; -import org.fdroid.fdroid.data.Repo; - public final class Utils { public static final int BUFFER_SIZE = 4096; @@ -48,8 +42,6 @@ public final class Utils { public static final SimpleDateFormat LOG_DATE_FORMAT = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss", Locale.ENGLISH); - - public static void copy(InputStream input, OutputStream output) throws IOException { copy(input, output, null, null); @@ -160,36 +152,16 @@ public final class Utils { return count; } - public static String formatFingerprint(Repo repo) { - return formatFingerprint(repo.pubkey); + // return a fingerprint formatted for display + public static String formatFingerprint(String fingerprint) { + if (fingerprint.length() != 62) // SHA-256 is 62 hex chars + return "BAD FINGERPRINT"; + String displayFP = fingerprint.substring(0, 2); + for (int i = 2; i < fingerprint.length(); i = i + 2) + displayFP += " " + fingerprint.substring(i, i + 2); + return displayFP; } - public static String formatFingerprint(String key) { - String fingerprintString; - if (key == null) { - return ""; - } - - try { - MessageDigest digest = MessageDigest.getInstance("SHA-1"); - digest.update(Hasher.unhex(key)); - byte[] fingerprint = digest.digest(); - Formatter formatter = new Formatter(new StringBuilder()); - formatter.format("%02X", fingerprint[0]); - for (int i = 1; i < fingerprint.length; i++) { - formatter.format(i % 5 == 0 ? " %02X" : ":%02X", - fingerprint[i]); - } - fingerprintString = formatter.toString(); - formatter.close(); - } catch (Exception e) { - Log.w("FDroid", "Unable to get certificate fingerprint.\n" - + Log.getStackTraceString(e)); - fingerprintString = ""; - } - return fingerprintString; - } - public static File getApkCacheDir(Context context) { File apkCacheDir = new File( StorageUtils.getCacheDirectory(context, true), "apks"); diff --git a/src/org/fdroid/fdroid/views/fragments/RepoDetailsFragment.java b/src/org/fdroid/fdroid/views/fragments/RepoDetailsFragment.java index 773430e26..1e23b034e 100644 --- a/src/org/fdroid/fdroid/views/fragments/RepoDetailsFragment.java +++ b/src/org/fdroid/fdroid/views/fragments/RepoDetailsFragment.java @@ -8,6 +8,7 @@ import android.os.Bundle; import android.support.v4.app.Fragment; import android.support.v4.view.MenuItemCompat; import android.text.Editable; +import android.text.TextUtils; import android.text.TextWatcher; import android.util.Log; import android.view.*; @@ -286,15 +287,17 @@ public class RepoDetailsFragment extends Fragment { String repoFingerprint; int repoFingerprintColor; - if (repo.pubkey != null && repo.pubkey.length() > 0) { - repoFingerprint = Utils.formatFingerprint(repo.pubkey); - repoFingerprintColor = getResources().getColor(R.color.signed); - repoFingerprintDescView.setVisibility(View.GONE); - } else { - repoFingerprint = getResources().getString(R.string.unsigned); +// TODO show the current state of the signature check, not just whether there is a key or not + if (TextUtils.isEmpty(repo.fingerprint) && TextUtils.isEmpty(repo.pubkey)) { + repoFingerprint = getResources().getString(R.string.unsigned); repoFingerprintColor = getResources().getColor(R.color.unsigned); repoFingerprintDescView.setVisibility(View.VISIBLE); repoFingerprintDescView.setText(getResources().getString(R.string.unsigned_description)); + } else { + // this is based on repo.fingerprint always existing, which it should + repoFingerprint = Utils.formatFingerprint(repo.fingerprint); + repoFingerprintColor = getResources().getColor(R.color.signed); + repoFingerprintDescView.setVisibility(View.GONE); } repoFingerprintView.setText(repoFingerprint);