Hi, when a self-signed certificate used on a webdav server, app’s warning shows sha-1 fingerprint, but says it’s sha-256
Just tried to reproduce it using twizzel/webdav and Cryptomator for Android v1.8.1
There I see SHA-256
It says sha-256, but why does it only have 20 bytes like sha-1 does?
sha-1 (160-bit) = 20 bytes
sha-256 (256-bit) = 32 bytes
Here is an example of this site’s certificate hashes by Firefox:
Of course, you are absolutely right.
Thank you for your feedback, I have created "Invalid SSL certificate" dialog should show SHA-256 fingerprint of the certificate when using WebDAV · Issue #490 · cryptomator/android · GitHub and also fixed it directly.