2 * Copyright © 2016-2018 Soren Stoutner <soren@stoutner.com>.
4 * This file is part of Privacy Browser <https://www.stoutner.com/privacy-browser>.
6 * Privacy Browser is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * Privacy Browser is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Privacy Browser. If not, see <http://www.gnu.org/licenses/>.
20 package com.stoutner.privacybrowser.dialogs;
22 import android.annotation.SuppressLint;
23 import android.app.AlertDialog;
24 import android.app.Dialog;
25 import android.content.Context;
26 import android.content.DialogInterface;
27 import android.net.http.SslCertificate;
28 import android.net.http.SslError;
29 import android.os.Bundle;
30 import android.support.annotation.NonNull;
31 // `AppCompatDialogFragment` is used instead of `DialogFragment` to avoid an error on API <=22.
32 import android.support.v7.app.AppCompatDialogFragment;
33 import android.text.SpannableStringBuilder;
34 import android.text.Spanned;
35 import android.text.style.ForegroundColorSpan;
36 import android.view.LayoutInflater;
37 import android.view.WindowManager;
38 import android.widget.TextView;
40 import com.stoutner.privacybrowser.R;
41 import com.stoutner.privacybrowser.activities.MainWebViewActivity;
43 import java.text.DateFormat;
44 import java.util.Date;
46 public class SslCertificateErrorDialog extends AppCompatDialogFragment {
47 // `sslCertificateErrorListener` is used in `onAttach` and `onCreateDialog`.
48 private SslCertificateErrorListener sslCertificateErrorListener;
50 // The public interface is used to send information back to the parent activity.
51 public interface SslCertificateErrorListener {
52 void onSslErrorCancel();
54 void onSslErrorProceed();
57 public void onAttach(Context context) {
58 // Run the default commands.
59 super.onAttach(context);
61 // Get a handle for `SslCertificateErrorListener` from the launching context.
62 sslCertificateErrorListener = (SslCertificateErrorListener) context;
65 public static SslCertificateErrorDialog displayDialog(SslError error) {
66 // Get the various components of the SSL error message.
67 int primaryErrorIntForBundle = error.getPrimaryError();
68 String urlWithErrorForBundle = error.getUrl();
69 SslCertificate sslCertificate = error.getCertificate();
70 String issuedToCNameForBundle = sslCertificate.getIssuedTo().getCName();
71 String issuedToONameForBundle = sslCertificate.getIssuedTo().getOName();
72 String issuedToUNameForBundle = sslCertificate.getIssuedTo().getUName();
73 String issuedByCNameForBundle = sslCertificate.getIssuedBy().getCName();
74 String issuedByONameForBundle = sslCertificate.getIssuedBy().getOName();
75 String issuedByUNameForBundle = sslCertificate.getIssuedBy().getUName();
76 Date startDateForBundle = sslCertificate.getValidNotBeforeDate();
77 Date endDateForBundle = sslCertificate.getValidNotAfterDate();
79 // Store the SSL error message components in a `Bundle`.
80 Bundle argumentsBundle = new Bundle();
81 argumentsBundle.putInt("PrimaryErrorInt", primaryErrorIntForBundle);
82 argumentsBundle.putString("UrlWithError", urlWithErrorForBundle);
83 argumentsBundle.putString("IssuedToCName", issuedToCNameForBundle);
84 argumentsBundle.putString("IssuedToOName", issuedToONameForBundle);
85 argumentsBundle.putString("IssuedToUName", issuedToUNameForBundle);
86 argumentsBundle.putString("IssuedByCName", issuedByCNameForBundle);
87 argumentsBundle.putString("IssuedByOName", issuedByONameForBundle);
88 argumentsBundle.putString("IssuedByUName", issuedByUNameForBundle);
89 argumentsBundle.putString("StartDate", DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.LONG).format(startDateForBundle));
90 argumentsBundle.putString("EndDate", DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.LONG).format(endDateForBundle));
92 // Add `argumentsBundle` to this instance of `SslCertificateErrorDialog`.
93 SslCertificateErrorDialog thisSslCertificateErrorDialog = new SslCertificateErrorDialog();
94 thisSslCertificateErrorDialog.setArguments(argumentsBundle);
95 return thisSslCertificateErrorDialog;
98 // `@SuppressLing("InflateParams")` removes the warning about using `null` as the parent view group when inflating the `AlertDialog`.
99 @SuppressLint("InflateParams")
100 @SuppressWarnings("deprecation")
103 public Dialog onCreateDialog(Bundle savedInstanceState) {
104 // Remove the incorrect lint warning that `getArguments()` might be null.
105 assert getArguments() != null;
107 // Get the components of the SSL error message from the bundle.
108 int primaryErrorInt = getArguments().getInt("PrimaryErrorInt");
109 String urlWithError = getArguments().getString("UrlWithError");
110 String issuedToCName = getArguments().getString("IssuedToCName");
111 String issuedToOName = getArguments().getString("IssuedToOName");
112 String issuedToUName = getArguments().getString("IssuedToUName");
113 String issuedByCName = getArguments().getString("IssuedByCName");
114 String issuedByOName = getArguments().getString("IssuedByOName");
115 String issuedByUName = getArguments().getString("IssuedByUName");
116 String startDate = getArguments().getString("StartDate");
117 String endDate = getArguments().getString("EndDate");
119 // Remove the incorrect lint warning that `getActivity()` might be null.
120 assert getActivity() != null;
122 // Get the activity's layout inflater.
123 LayoutInflater layoutInflater = getActivity().getLayoutInflater();
125 // Use an alert dialog builder to create the alert dialog.
126 AlertDialog.Builder dialogBuilder;
128 // Set the style and icon according to the theme.
129 if (MainWebViewActivity.darkTheme) {
131 dialogBuilder = new AlertDialog.Builder(getActivity(), R.style.PrivacyBrowserAlertDialogDark);
134 dialogBuilder.setIcon(R.drawable.ssl_certificate_enabled_dark);
137 dialogBuilder = new AlertDialog.Builder(getActivity(), R.style.PrivacyBrowserAlertDialogLight);
140 dialogBuilder.setIcon(R.drawable.ssl_certificate_enabled_light);
144 dialogBuilder.setTitle(R.string.ssl_certificate_error);
146 // Set the view. The parent view is `null` because it will be assigned by `AlertDialog`.
147 dialogBuilder.setView(layoutInflater.inflate(R.layout.ssl_certificate_error, null));
149 // Set a listener on the negative button.
150 dialogBuilder.setNegativeButton(R.string.cancel, (DialogInterface dialog, int which) -> sslCertificateErrorListener.onSslErrorCancel());
152 // Set a listener on the positive button.
153 dialogBuilder.setPositiveButton(R.string.proceed, (DialogInterface dialog, int which) -> sslCertificateErrorListener.onSslErrorProceed());
156 // Create an alert dialog from the alert dialog builder.
157 AlertDialog alertDialog = dialogBuilder.create();
159 // Disable screenshots if not allowed.
160 if (!MainWebViewActivity.allowScreenshots) {
161 // Remove the warning below that `getWindow()` might be null.
162 assert alertDialog.getWindow() != null;
164 // Disable screenshots.
165 alertDialog.getWindow().addFlags(WindowManager.LayoutParams.FLAG_SECURE);
168 // We have to show the alert dialog before we can modify the content.
171 // Get handles for the `TextViews`
172 TextView primaryErrorTextView = alertDialog.findViewById(R.id.primary_error);
173 TextView urlTextView = alertDialog.findViewById(R.id.url_error_dialog);
174 TextView issuedToCNameTextView = alertDialog.findViewById(R.id.issued_to_cname_error_dialog);
175 TextView issuedToONameTextView = alertDialog.findViewById(R.id.issued_to_oname_error_dialog);
176 TextView issuedToUNameTextView = alertDialog.findViewById(R.id.issued_to_uname_error_dialog);
177 TextView issuedByTextView = alertDialog.findViewById(R.id.issued_by_textview);
178 TextView issuedByCNameTextView = alertDialog.findViewById(R.id.issued_by_cname_error_dialog);
179 TextView issuedByONameTextView = alertDialog.findViewById(R.id.issued_by_oname_error_dialog);
180 TextView issuedByUNameTextView = alertDialog.findViewById(R.id.issued_by_uname_error_dialog);
181 TextView validDatesTextView = alertDialog.findViewById(R.id.valid_dates_textview);
182 TextView startDateTextView = alertDialog.findViewById(R.id.start_date_error_dialog);
183 TextView endDateTextView = alertDialog.findViewById(R.id.end_date_error_dialog);
185 // Setup the common strings.
186 String urlLabel = getString(R.string.url_label) + " ";
187 String cNameLabel = getString(R.string.common_name) + " ";
188 String oNameLabel = getString(R.string.organization) + " ";
189 String uNameLabel = getString(R.string.organizational_unit) + " ";
190 String startDateLabel = getString(R.string.start_date) + " ";
191 String endDateLabel = getString(R.string.end_date) + " ";
193 // Create a `SpannableStringBuilder` for each `TextView` that needs multiple colors of text.
194 SpannableStringBuilder urlStringBuilder = new SpannableStringBuilder(urlLabel + urlWithError);
195 SpannableStringBuilder issuedToCNameStringBuilder = new SpannableStringBuilder(cNameLabel + issuedToCName);
196 SpannableStringBuilder issuedToONameStringBuilder = new SpannableStringBuilder(oNameLabel + issuedToOName);
197 SpannableStringBuilder issuedToUNameStringBuilder = new SpannableStringBuilder(uNameLabel + issuedToUName);
198 SpannableStringBuilder issuedByCNameStringBuilder = new SpannableStringBuilder(cNameLabel + issuedByCName);
199 SpannableStringBuilder issuedByONameStringBuilder = new SpannableStringBuilder(oNameLabel + issuedByOName);
200 SpannableStringBuilder issuedByUNameStringBuilder = new SpannableStringBuilder(uNameLabel + issuedByUName);
201 SpannableStringBuilder startDateStringBuilder = new SpannableStringBuilder(startDateLabel + startDate);
202 SpannableStringBuilder endDateStringBuilder = new SpannableStringBuilder((endDateLabel + endDate));
204 // Create a red `ForegroundColorSpan`. We have to use the deprecated `getColor` until API >= 23.
205 @SuppressWarnings("deprecation") ForegroundColorSpan redColorSpan = new ForegroundColorSpan(getResources().getColor(R.color.red_a700));
207 // Create a blue `ForegroundColorSpan`.
208 ForegroundColorSpan blueColorSpan;
210 // Set `blueColorSpan` according to the theme. We have to use the deprecated `getColor()` until API >= 23.
211 if (MainWebViewActivity.darkTheme) {
212 //noinspection deprecation
213 blueColorSpan = new ForegroundColorSpan(getResources().getColor(R.color.blue_400));
215 //noinspection deprecation
216 blueColorSpan = new ForegroundColorSpan(getResources().getColor(R.color.blue_700));
219 // Setup the spans to display the certificate information in blue. `SPAN_INCLUSIVE_INCLUSIVE` allows the span to grow in either direction.
220 urlStringBuilder.setSpan(blueColorSpan, urlLabel.length(), urlStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
221 issuedToCNameStringBuilder.setSpan(blueColorSpan, cNameLabel.length(), issuedToCNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
222 issuedToONameStringBuilder.setSpan(blueColorSpan, oNameLabel.length(), issuedToONameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
223 issuedToUNameStringBuilder.setSpan(blueColorSpan, uNameLabel.length(), issuedToUNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
224 issuedByCNameStringBuilder.setSpan(blueColorSpan, cNameLabel.length(), issuedByCNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
225 issuedByONameStringBuilder.setSpan(blueColorSpan, oNameLabel.length(), issuedByONameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
226 issuedByUNameStringBuilder.setSpan(blueColorSpan, uNameLabel.length(), issuedByUNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
227 startDateStringBuilder.setSpan(blueColorSpan, startDateLabel.length(), startDateStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
228 endDateStringBuilder.setSpan(blueColorSpan, endDateLabel.length(), endDateStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
230 // Initialize `primaryErrorString`.
231 String primaryErrorString = "";
233 // Highlight the primary error in red and store the primary error string in `primaryErrorString`.
234 switch (primaryErrorInt) {
235 case SslError.SSL_IDMISMATCH:
236 // Change the URL span colors to red.
237 urlStringBuilder.setSpan(redColorSpan, urlLabel.length(), urlStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
238 issuedToCNameStringBuilder.setSpan(redColorSpan, cNameLabel.length(), issuedToCNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
240 // Store the primary error string.
241 primaryErrorString = getString(R.string.cn_mismatch);
244 case SslError.SSL_UNTRUSTED:
245 // Change the `issuesByTextView` text to red. We have to use the deprecated `getColor()` until API >= 23.
246 issuedByTextView.setTextColor(getResources().getColor(R.color.red_a700));
248 // Change the issued by span color to red.
249 issuedByCNameStringBuilder.setSpan(redColorSpan, cNameLabel.length(), issuedByCNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
250 issuedByONameStringBuilder.setSpan(redColorSpan, oNameLabel.length(), issuedByONameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
251 issuedByUNameStringBuilder.setSpan(redColorSpan, uNameLabel.length(), issuedByUNameStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
253 // Store the primary error string.
254 primaryErrorString = getString(R.string.untrusted);
257 case SslError.SSL_DATE_INVALID:
258 // Change the `validDatesTextView` text to red. We have to use the deprecated `getColor()` until API >= 23.
259 validDatesTextView.setTextColor(getResources().getColor(R.color.red_a700));
261 // Change the date span colors to red.
262 startDateStringBuilder.setSpan(redColorSpan, startDateLabel.length(), startDateStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
263 endDateStringBuilder.setSpan(redColorSpan, endDateLabel.length(), endDateStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
265 // Store the primary error string.
266 primaryErrorString = getString(R.string.invalid_date);
269 case SslError.SSL_NOTYETVALID:
270 // Change the start date span color to red.
271 startDateStringBuilder.setSpan(redColorSpan, startDateLabel.length(), startDateStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
273 // Store the primary error string.
274 primaryErrorString = getString(R.string.future_certificate);
277 case SslError.SSL_EXPIRED:
278 // Change the end date span color to red.
279 endDateStringBuilder.setSpan(redColorSpan, endDateLabel.length(), endDateStringBuilder.length(), Spanned.SPAN_INCLUSIVE_INCLUSIVE);
281 // Store the primary error string.
282 primaryErrorString = getString(R.string.expired_certificate);
285 case SslError.SSL_INVALID:
286 // Store the primary error string.
287 primaryErrorString = getString(R.string.invalid_certificate);
292 // Display the strings.
293 primaryErrorTextView.setText(primaryErrorString);
294 urlTextView.setText(urlStringBuilder);
295 issuedToCNameTextView.setText(issuedToCNameStringBuilder);
296 issuedToONameTextView.setText(issuedToONameStringBuilder);
297 issuedToUNameTextView.setText(issuedToUNameStringBuilder);
298 issuedByCNameTextView.setText(issuedByCNameStringBuilder);
299 issuedByONameTextView.setText(issuedByONameStringBuilder);
300 issuedByUNameTextView.setText(issuedByUNameStringBuilder);
301 startDateTextView.setText(startDateStringBuilder);
302 endDateTextView.setText(endDateStringBuilder);
304 // `onCreateDialog` requires the return of an `AlertDialog`.