Add network support for revocation list with publication time display

[Copilot]

Overview

This PR implements support for fetching the latest certificate revocation list from the network and displays its publication time in the UI, addressing the feature request in issue #[issue_number].

问题描述 (Problem Statement): 支持从网络拉取最新吊销列表，并且在UI显示当前使用的吊销列表发布时间

Changes

Network Fetching

The revocation list is now fetched from https://android.googleapis.com/attestation/status with automatic fallback to the bundled local status.json file if the network request fails. The implementation includes:

• 10-second connect and read timeouts to prevent blocking
• Proper error handling with comprehensive logging
• Thread-safe lazy initialization using double-checked locking
• Background preloading in AppApplication.onCreate() to avoid main thread blocking

Timestamp Parsing & Display

The implementation extracts the publication time from the HTTP Last-Modified header when fetching the revocation list from the network. This provides a standard, server-controlled timestamp indicating when the revocation list was last updated.

The publication time appears in the certificate chain section with localized labels:

• English: "Revocation list publish time"
• Chinese: "吊销列表发布时间"

If no timestamp is available (e.g., when using the local file or if the header is missing), the UI displays "(empty)".

Technical Details

Last-Modified Header Extraction

// Extract Last-Modified header for publish time
long lastModified = connection.getLastModified();
if (lastModified != 0) {
    publishTime = new Date(lastModified);
    Log.i(TAG, "Revocation list Last-Modified: " + publishTime);
}

Thread Safety

The implementation uses a double-checked locking pattern to ensure thread-safe initialization:

if (data == null) {
    synchronized (RevocationList.class) {
        if (data == null) {
            data = getStatus();
        }
    }
}

Background initialization in AppApplication ensures the revocation list is loaded before users need it, preventing any UI thread blocking.

Backward Compatibility

• ✅ Works with or without the Last-Modified HTTP header
• ✅ Maintains full compatibility with local status.json file
• ✅ No changes to existing certificate verification logic
• ✅ Respects vendor-specific revocation list URLs

Error Handling

Network failures are handled gracefully:

1. Connection timeouts after 10 seconds
2. All exceptions are caught and logged with appropriate warnings
3. Automatic fallback to bundled local file
4. App continues to function normally even if network is unavailable

Files Changed

• AndroidManifest.xml: Added INTERNET permission
• RevocationList.java: Network fetching, Last-Modified header extraction, thread-safe initialization
• AppApplication.kt: Background preloading
• HomeAdapter.kt: UI display logic
• strings.xml / strings-zh-rCN.xml: Localized strings

Total: 6 files changed, 95 insertions(+), 12 deletions(-)

Testing

Manual testing is required on an Android device to verify:

• Network fetching succeeds when online
• Last-Modified header is correctly extracted and logged
• Fallback to local file works when offline
• UI displays timestamp correctly in both English and Chinese
• No ANR errors or performance issues
• Thread safety under rapid app restarts

Benefits

• 🔄 Users always get the latest revocation data when online
• 📅 Transparency about when the revocation list was published
• 🛡️ Improved security through up-to-date revocation information
• 📱 Better user experience with visible data freshness indicators
• 🌐 Works seamlessly both online and offline
• ✨ Uses standard HTTP Last-Modified header for reliable timestamp information

Original prompt

支持从网络拉取最新吊销列表，并且在UI显示当前使用的吊销列表发布时间

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.