2 * Copyright 2018-2019,2021-2023 Soren Stoutner <soren@stoutner.com>.
4 * This file is part of Privacy Browser Android <https://www.stoutner.com/privacy-browser-android>.
6 * Privacy Browser Android is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * Privacy Browser Android is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Privacy Browser Android. If not, see <http://www.gnu.org/licenses/>.
20 package com.stoutner.privacybrowser.helpers
22 import androidx.fragment.app.DialogFragment
23 import androidx.fragment.app.FragmentManager
25 import com.stoutner.privacybrowser.activities.MainWebViewActivity
26 import com.stoutner.privacybrowser.dataclasses.PendingDialogDataClass
27 import com.stoutner.privacybrowser.dialogs.PinnedMismatchDialog.Companion.displayDialog
28 import com.stoutner.privacybrowser.views.NestedScrollWebView
30 import java.lang.Exception
34 object CheckPinnedMismatchHelper {
35 fun checkPinnedMismatch(nestedScrollWebView: NestedScrollWebView, supportFragmentManager: FragmentManager, pinnedMismatchString: String) {
36 // Initialize the current SSL certificate variables.
37 var currentWebsiteIssuedToCName = ""
38 var currentWebsiteIssuedToOName = ""
39 var currentWebsiteIssuedToUName = ""
40 var currentWebsiteIssuedByCName = ""
41 var currentWebsiteIssuedByOName = ""
42 var currentWebsiteIssuedByUName = ""
43 var currentWebsiteSslStartDate: Date? = null
44 var currentWebsiteSslEndDate: Date? = null
46 // Initialize the pinned SSL certificate variables.
47 var pinnedSslIssuedToCName = ""
48 var pinnedSslIssuedToOName = ""
49 var pinnedSslIssuedToUName = ""
50 var pinnedSslIssuedByCName = ""
51 var pinnedSslIssuedByOName = ""
52 var pinnedSslIssuedByUName = ""
53 var pinnedSslStartDate: Date? = null
54 var pinnedSslEndDate: Date? = null
56 // Get the current website SSL certificate.
57 val currentWebsiteSslCertificate = nestedScrollWebView.certificate
59 // Extract the individual pieces of information from the current website SSL certificate if it is not null.
60 if (currentWebsiteSslCertificate != null) {
61 currentWebsiteIssuedToCName = currentWebsiteSslCertificate.issuedTo.cName
62 currentWebsiteIssuedToOName = currentWebsiteSslCertificate.issuedTo.oName
63 currentWebsiteIssuedToUName = currentWebsiteSslCertificate.issuedTo.uName
64 currentWebsiteIssuedByCName = currentWebsiteSslCertificate.issuedBy.cName
65 currentWebsiteIssuedByOName = currentWebsiteSslCertificate.issuedBy.oName
66 currentWebsiteIssuedByUName = currentWebsiteSslCertificate.issuedBy.uName
67 currentWebsiteSslStartDate = currentWebsiteSslCertificate.validNotBeforeDate
68 currentWebsiteSslEndDate = currentWebsiteSslCertificate.validNotAfterDate
71 // Get the pinned SSL certificate information if it exists.
72 if (nestedScrollWebView.hasPinnedSslCertificate()) {
73 // Get the pinned SSL certificate.
74 val pinnedSslCertificatePair = nestedScrollWebView.getPinnedSslCertificate()
76 // Extract the arrays from the array list.
77 val pinnedSslCertificateStringArray = pinnedSslCertificatePair.first
78 val pinnedSslCertificateDateArray = pinnedSslCertificatePair.second
80 // Populate the pinned SSL certificate string variables.
81 pinnedSslIssuedToCName = pinnedSslCertificateStringArray[0]
82 pinnedSslIssuedToOName = pinnedSslCertificateStringArray[1]
83 pinnedSslIssuedToUName = pinnedSslCertificateStringArray[2]
84 pinnedSslIssuedByCName = pinnedSslCertificateStringArray[3]
85 pinnedSslIssuedByOName = pinnedSslCertificateStringArray[4]
86 pinnedSslIssuedByUName = pinnedSslCertificateStringArray[5]
88 // Populate the pinned SSL certificate date variables.
89 pinnedSslStartDate = pinnedSslCertificateDateArray[0]
90 pinnedSslEndDate = pinnedSslCertificateDateArray[1]
93 // Initialize string variables to store the SSL certificate dates. Strings are needed to compare the values below, which doesn't work with dates if the first one is null.
94 var currentWebsiteSslStartDateString = ""
95 var currentWebsiteSslEndDateString = ""
96 var pinnedSslStartDateString = ""
97 var pinnedSslEndDateString = ""
99 // Convert the dates to strings if they are not null.
100 if (currentWebsiteSslStartDate != null) {
101 currentWebsiteSslStartDateString = currentWebsiteSslStartDate.toString()
103 if (currentWebsiteSslEndDate != null) {
104 currentWebsiteSslEndDateString = currentWebsiteSslEndDate.toString()
106 if (pinnedSslStartDate != null) {
107 pinnedSslStartDateString = pinnedSslStartDate.toString()
109 if (pinnedSslEndDate != null) {
110 pinnedSslEndDateString = pinnedSslEndDate.toString()
113 // Check to see if the pinned information matches the current information.
114 if (((nestedScrollWebView.pinnedIpAddresses.isNotEmpty()) && (nestedScrollWebView.currentIpAddresses != nestedScrollWebView.pinnedIpAddresses)) ||
115 (nestedScrollWebView.hasPinnedSslCertificate() && ((currentWebsiteIssuedToCName != pinnedSslIssuedToCName) ||
116 (currentWebsiteIssuedToOName != pinnedSslIssuedToOName) || (currentWebsiteIssuedToUName != pinnedSslIssuedToUName) ||
117 (currentWebsiteIssuedByCName != pinnedSslIssuedByCName) || (currentWebsiteIssuedByOName != pinnedSslIssuedByOName) ||
118 (currentWebsiteIssuedByUName != pinnedSslIssuedByUName) || (currentWebsiteSslStartDateString != pinnedSslStartDateString) ||
119 (currentWebsiteSslEndDateString != pinnedSslEndDateString)))) {
121 // Get a handle for the pinned mismatch alert dialog.
122 val pinnedMismatchDialogFragment: DialogFragment = displayDialog(nestedScrollWebView.webViewFragmentId)
124 // Try to show the dialog. Sometimes the window is not active.
126 // Show the pinned mismatch alert dialog.
127 pinnedMismatchDialogFragment.show(supportFragmentManager, pinnedMismatchString)
128 } catch (exception: Exception) {
129 // Add the dialog to the pending dialog array list. It will be displayed in `onStart()`.
130 MainWebViewActivity.pendingDialogsArrayList.add(PendingDialogDataClass(pinnedMismatchDialogFragment, pinnedMismatchString))