mirror/fdroidclient
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidclient.git synced 2026-05-02 12:44:05 -04:00
Code Issues Packages Projects Releases Wiki Activity

[db] validate repo certificate

Browse Source 
for now only for initial repos, but eventually we should validate for CoreRepository as well to prevent invalid certs from entering the DB by other means.
This commit is contained in:
Torsten Grote
2023-08-01 12:08:38 +02:00
parent 1abad97226
commit 43816ffe8d
3 changed files with 34 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
libs/database/src/main/java/org/fdroid/database/Repository.kt
View File

@@ -36,6 +36,11 @@ internal data class CoreRepository(
internal companion object {
const val TABLE = "CoreRepository"
}
init {
// TODO comment in some time after #2662 had time to resolve itself
// validateCertificate(certificate)
}
}
internal fun RepoV2.toCoreRepository(
@@ -384,4 +389,15 @@ public data class InitialRepository @JvmOverloads constructor(
val version: Long,
val enabled: Boolean,
val weight: Int,
)
) {
init {
validateCertificate(certificate)
}
}
@Throws(IllegalArgumentException::class)
private fun validateCertificate(certificate: String?) {
if (certificate != null) require(certificate.length % 2 == 0 &&
certificate.chunked(2).find { it.toIntOrNull(16) == null } == null
) { "Invalid certificate: $certificate" }
}