mirror of
https://github.com/moparisthebest/k-9
synced 2024-11-30 13:12:25 -05:00
Remove SslHelper.isClientCertificateSupportAvailable()
The app's minSdkVersion = 15 (Android 4.0.3, Ice Cream Sandwich MR1), so there's no need to test the API level. This also removes '@SuppressLint("TrulyRandom")'. I find no documentation for it, nor do I find any additional lint errors with its removal.
This commit is contained in:
parent
b10b13b865
commit
fa853f7e1d
@ -4,7 +4,6 @@
|
|||||||
<item type="id" name="dialog_confirm_delete"/>
|
<item type="id" name="dialog_confirm_delete"/>
|
||||||
<item type="id" name="dialog_confirm_spam"/>
|
<item type="id" name="dialog_confirm_spam"/>
|
||||||
<item type="id" name="dialog_attachment_progress"/>
|
<item type="id" name="dialog_attachment_progress"/>
|
||||||
<item type="id" name="dialog_client_certificate_not_supported"/>
|
|
||||||
<item type="id" name="dialog_account_setup_error"/>
|
<item type="id" name="dialog_account_setup_error"/>
|
||||||
|
|
||||||
</resources>
|
</resources>
|
||||||
|
@ -1124,11 +1124,7 @@ Please submit bug reports, contribute new features and ask questions at
|
|||||||
|
|
||||||
<!-- === Client certificates specific ================================================================== -->
|
<!-- === Client certificates specific ================================================================== -->
|
||||||
<string name="account_setup_basics_client_certificate">Use client certificate</string>
|
<string name="account_setup_basics_client_certificate">Use client certificate</string>
|
||||||
|
|
||||||
<string name="dialog_client_certificate_title">Client Certificate Authentication</string>
|
|
||||||
<string name="dialog_client_certificate_not_supported">Client certificates are not supported on Android versions below 4.0.</string>
|
|
||||||
<string name="dialog_client_certificate_required">This server requires a valid client certificate to be selected.</string>
|
<string name="dialog_client_certificate_required">This server requires a valid client certificate to be selected.</string>
|
||||||
|
|
||||||
<string name="client_certificate_spinner_empty">No client certificate</string>
|
<string name="client_certificate_spinner_empty">No client certificate</string>
|
||||||
<string name="client_certificate_spinner_delete">Remove client certificate selection</string>
|
<string name="client_certificate_spinner_delete">Remove client certificate selection</string>
|
||||||
</resources>
|
</resources>
|
||||||
|
@ -31,7 +31,6 @@ import com.fsck.k9.mail.Store;
|
|||||||
import com.fsck.k9.mail.Transport;
|
import com.fsck.k9.mail.Transport;
|
||||||
import com.fsck.k9.mail.store.WebDavStore;
|
import com.fsck.k9.mail.store.WebDavStore;
|
||||||
import com.fsck.k9.mail.filter.Hex;
|
import com.fsck.k9.mail.filter.Hex;
|
||||||
import com.fsck.k9.net.ssl.SslHelper;
|
|
||||||
import com.fsck.k9.security.KeyChainKeyManager;
|
import com.fsck.k9.security.KeyChainKeyManager;
|
||||||
|
|
||||||
import java.security.cert.CertificateException;
|
import java.security.cert.CertificateException;
|
||||||
@ -201,21 +200,6 @@ public class AccountSetupCheckSettings extends K9Activity implements OnClickList
|
|||||||
if (K9.DEBUG)
|
if (K9.DEBUG)
|
||||||
Log.d(K9.LOG_TAG, "Client certificate alias required: " + ccr.getMessage());
|
Log.d(K9.LOG_TAG, "Client certificate alias required: " + ccr.getMessage());
|
||||||
|
|
||||||
/*
|
|
||||||
* If the KeyChain API is not available on this Android
|
|
||||||
* version, inform user and abort
|
|
||||||
*/
|
|
||||||
if (!SslHelper.isClientCertificateSupportAvailable()) {
|
|
||||||
mHandler.post(new Runnable() {
|
|
||||||
public void run() {
|
|
||||||
showDialogFragment(R.id.dialog_client_certificate_not_supported);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
// abort
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
String alias = null;
|
String alias = null;
|
||||||
if (CheckDirection.INCOMING.equals(mDirection)) {
|
if (CheckDirection.INCOMING.equals(mDirection)) {
|
||||||
ServerSettings storeSettings = Store.decodeStoreUri(mAccount.getStoreUri());
|
ServerSettings storeSettings = Store.decodeStoreUri(mAccount.getStoreUri());
|
||||||
@ -486,10 +470,6 @@ public class AccountSetupCheckSettings extends K9Activity implements OnClickList
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
private void showDialogFragment(int dialogId) {
|
|
||||||
showDialogFragment(dialogId, null);
|
|
||||||
}
|
|
||||||
|
|
||||||
private void showDialogFragment(int dialogId, String customMessage) {
|
private void showDialogFragment(int dialogId, String customMessage) {
|
||||||
if (mDestroyed) {
|
if (mDestroyed) {
|
||||||
return;
|
return;
|
||||||
@ -507,14 +487,6 @@ public class AccountSetupCheckSettings extends K9Activity implements OnClickList
|
|||||||
);
|
);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case R.id.dialog_client_certificate_not_supported: {
|
|
||||||
fragment = ConfirmationDialogFragment.newInstance(dialogId,
|
|
||||||
getString(R.string.dialog_client_certificate_title),
|
|
||||||
getString(R.string.dialog_client_certificate_not_supported),
|
|
||||||
getString(android.R.string.ok)
|
|
||||||
);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
default: {
|
default: {
|
||||||
throw new RuntimeException("Called showDialog(int) with unknown dialog id.");
|
throw new RuntimeException("Called showDialog(int) with unknown dialog id.");
|
||||||
}
|
}
|
||||||
@ -546,8 +518,7 @@ public class AccountSetupCheckSettings extends K9Activity implements OnClickList
|
|||||||
@Override
|
@Override
|
||||||
public void doNegativeClick(int dialogId) {
|
public void doNegativeClick(int dialogId) {
|
||||||
switch (dialogId) {
|
switch (dialogId) {
|
||||||
case R.id.dialog_account_setup_error:
|
case R.id.dialog_account_setup_error: {
|
||||||
case R.id.dialog_client_certificate_not_supported: {
|
|
||||||
mCanceled = false;
|
mCanceled = false;
|
||||||
setResult(RESULT_OK);
|
setResult(RESULT_OK);
|
||||||
finish();
|
finish();
|
||||||
|
@ -31,7 +31,6 @@ import com.fsck.k9.mail.store.WebDavStore;
|
|||||||
import com.fsck.k9.mail.store.ImapStore.ImapStoreSettings;
|
import com.fsck.k9.mail.store.ImapStore.ImapStoreSettings;
|
||||||
import com.fsck.k9.mail.store.WebDavStore.WebDavStoreSettings;
|
import com.fsck.k9.mail.store.WebDavStore.WebDavStoreSettings;
|
||||||
import com.fsck.k9.mail.transport.SmtpTransport;
|
import com.fsck.k9.mail.transport.SmtpTransport;
|
||||||
import com.fsck.k9.net.ssl.SslHelper;
|
|
||||||
import com.fsck.k9.service.MailService;
|
import com.fsck.k9.service.MailService;
|
||||||
import com.fsck.k9.view.ClientCertificateSpinner;
|
import com.fsck.k9.view.ClientCertificateSpinner;
|
||||||
import com.fsck.k9.view.ClientCertificateSpinner.OnClientCertificateChangedListener;
|
import com.fsck.k9.view.ClientCertificateSpinner.OnClientCertificateChangedListener;
|
||||||
@ -140,7 +139,7 @@ public class AccountSetupIncoming extends K9Activity implements OnClickListener
|
|||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
mAuthTypeAdapter = AuthType.getArrayAdapter(this, SslHelper.isClientCertificateSupportAvailable());
|
mAuthTypeAdapter = AuthType.getArrayAdapter(this);
|
||||||
mAuthTypeView.setAdapter(mAuthTypeAdapter);
|
mAuthTypeView.setAdapter(mAuthTypeAdapter);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -24,7 +24,6 @@ import com.fsck.k9.mail.ConnectionSecurity;
|
|||||||
import com.fsck.k9.mail.ServerSettings;
|
import com.fsck.k9.mail.ServerSettings;
|
||||||
import com.fsck.k9.mail.Transport;
|
import com.fsck.k9.mail.Transport;
|
||||||
import com.fsck.k9.mail.transport.SmtpTransport;
|
import com.fsck.k9.mail.transport.SmtpTransport;
|
||||||
import com.fsck.k9.net.ssl.SslHelper;
|
|
||||||
import com.fsck.k9.view.ClientCertificateSpinner;
|
import com.fsck.k9.view.ClientCertificateSpinner;
|
||||||
import com.fsck.k9.view.ClientCertificateSpinner.OnClientCertificateChangedListener;
|
import com.fsck.k9.view.ClientCertificateSpinner.OnClientCertificateChangedListener;
|
||||||
|
|
||||||
@ -113,7 +112,7 @@ public class AccountSetupOutgoing extends K9Activity implements OnClickListener,
|
|||||||
|
|
||||||
mSecurityTypeView.setAdapter(ConnectionSecurity.getArrayAdapter(this));
|
mSecurityTypeView.setAdapter(ConnectionSecurity.getArrayAdapter(this));
|
||||||
|
|
||||||
mAuthTypeAdapter = AuthType.getArrayAdapter(this, SslHelper.isClientCertificateSupportAvailable());
|
mAuthTypeAdapter = AuthType.getArrayAdapter(this);
|
||||||
mAuthTypeView.setAdapter(mAuthTypeAdapter);
|
mAuthTypeView.setAdapter(mAuthTypeAdapter);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -45,13 +45,8 @@ public enum AuthType {
|
|||||||
|
|
||||||
LOGIN(0);
|
LOGIN(0);
|
||||||
|
|
||||||
static public ArrayAdapter<AuthType> getArrayAdapter(Context context, boolean includeExternal) {
|
static public ArrayAdapter<AuthType> getArrayAdapter(Context context) {
|
||||||
AuthType[] authTypes;
|
AuthType[] authTypes = new AuthType[]{PLAIN, CRAM_MD5, EXTERNAL};
|
||||||
if (includeExternal) {
|
|
||||||
authTypes = new AuthType[]{PLAIN, CRAM_MD5, EXTERNAL};
|
|
||||||
} else {
|
|
||||||
authTypes = new AuthType[]{PLAIN, CRAM_MD5};
|
|
||||||
}
|
|
||||||
ArrayAdapter<AuthType> authTypesAdapter = new ArrayAdapter<AuthType>(context,
|
ArrayAdapter<AuthType> authTypesAdapter = new ArrayAdapter<AuthType>(context,
|
||||||
android.R.layout.simple_spinner_item, authTypes);
|
android.R.layout.simple_spinner_item, authTypes);
|
||||||
authTypesAdapter.setDropDownViewResource(android.R.layout.simple_spinner_dropdown_item);
|
authTypesAdapter.setDropDownViewResource(android.R.layout.simple_spinner_dropdown_item);
|
||||||
|
@ -11,8 +11,6 @@ import javax.net.ssl.KeyManager;
|
|||||||
import javax.net.ssl.SSLContext;
|
import javax.net.ssl.SSLContext;
|
||||||
import javax.net.ssl.TrustManager;
|
import javax.net.ssl.TrustManager;
|
||||||
|
|
||||||
import android.annotation.SuppressLint;
|
|
||||||
import android.os.Build;
|
|
||||||
import android.util.Log;
|
import android.util.Log;
|
||||||
|
|
||||||
import com.fsck.k9.K9;
|
import com.fsck.k9.K9;
|
||||||
@ -25,23 +23,8 @@ import com.fsck.k9.security.KeyChainKeyManager;
|
|||||||
*/
|
*/
|
||||||
public class SslHelper {
|
public class SslHelper {
|
||||||
|
|
||||||
/**
|
|
||||||
* KeyChain API available on Android >= 4.0
|
|
||||||
*
|
|
||||||
* @return true if API is available
|
|
||||||
*/
|
|
||||||
public static boolean isClientCertificateSupportAvailable() {
|
|
||||||
return (Build.VERSION.SDK_INT >= Build.VERSION_CODES.ICE_CREAM_SANDWICH);
|
|
||||||
}
|
|
||||||
|
|
||||||
@SuppressLint("TrulyRandom")
|
|
||||||
private static SSLContext createSslContext(String host, int port, String clientCertificateAlias)
|
private static SSLContext createSslContext(String host, int port, String clientCertificateAlias)
|
||||||
throws NoSuchAlgorithmException, KeyManagementException, MessagingException {
|
throws NoSuchAlgorithmException, KeyManagementException, MessagingException {
|
||||||
if (clientCertificateAlias != null && !isClientCertificateSupportAvailable()) {
|
|
||||||
throw new MessagingException(
|
|
||||||
"Client certificate support is only availble on Android >= 4.0", true);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (K9.DEBUG)
|
if (K9.DEBUG)
|
||||||
Log.d(K9.LOG_TAG, "createSslContext: Client certificate alias: "
|
Log.d(K9.LOG_TAG, "createSslContext: Client certificate alias: "
|
||||||
+ clientCertificateAlias);
|
+ clientCertificateAlias);
|
||||||
|
@ -7,7 +7,6 @@ import java.security.PrivateKey;
|
|||||||
import java.security.cert.X509Certificate;
|
import java.security.cert.X509Certificate;
|
||||||
import javax.net.ssl.X509ExtendedKeyManager;
|
import javax.net.ssl.X509ExtendedKeyManager;
|
||||||
|
|
||||||
import android.annotation.TargetApi;
|
|
||||||
import android.app.Activity;
|
import android.app.Activity;
|
||||||
import android.os.Build;
|
import android.os.Build;
|
||||||
import android.security.KeyChain;
|
import android.security.KeyChain;
|
||||||
@ -24,7 +23,6 @@ import com.fsck.k9.mail.ClientCertificateRequiredException;
|
|||||||
* selection is requested, we harvest the parameters during the handshake and
|
* selection is requested, we harvest the parameters during the handshake and
|
||||||
* abort with a custom (runtime) ClientCertificateRequiredException.
|
* abort with a custom (runtime) ClientCertificateRequiredException.
|
||||||
*/
|
*/
|
||||||
@TargetApi(Build.VERSION_CODES.ICE_CREAM_SANDWICH)
|
|
||||||
public class KeyChainKeyManager extends X509ExtendedKeyManager {
|
public class KeyChainKeyManager extends X509ExtendedKeyManager {
|
||||||
|
|
||||||
private static PrivateKey sClientCertificateReferenceWorkaround;
|
private static PrivateKey sClientCertificateReferenceWorkaround;
|
||||||
|
Loading…
Reference in New Issue
Block a user